Driver Letter: Internet Social Networking
Dear Professional Driver,
This month’s letter is intended to make you aware of the risks of internet social networking. You may ask yourself; what does this have to do with driving? Actually, nothing; but an issue you need to know about and share with your loved ones who frequent online social networks. The following information is provided by the Federal Bureau of Investigation.
Once information is posted to a social networking site, it is no longer private and it can’t be retrieved. The more information posted, the more vulnerable the provider becomes. Even if your computer has high security settings, the recipients and websites you share that information with, may inadvertently leak that information.
Personal information you share can be used to conduct cyber-attacks against you, your family or associates, if you use the computer for a home business. The more information shared, the more likely someone could impersonate you, tricking one of your friends or clients into sharing personal information, downloading malware or provide access to restricted sites. Predators, hackers, business competitors and foreign state agents troll social networking sites looking for information to exploit users of those sites.
Let’s look to see the tactics these individuals use:
• Baiting – Someone gives you a USB drive, thumb drive or flash drive preloaded with malware in hope you will use the device and enable them to hack your computer
• Click-Jacking – Concealing hyperlinks beneath legitimate clickable content which, when clicked, causes a user to unknowingly download malware or sending your ID to a site. Example of this tactic employ “Like” or “Share” buttons on social networking sites
• Doxing – Publicly releasing a person’s identifying information including full name, date of birth, address, and pictures typically retrieved from social networking site profiles
• Elicitation – Using conversation (chat rooms) to extract information from people without giving them the feeling they are being interrogated
• Pharming – Redirecting users from legitimate websites to fraudulent ones for purpose of extracting confidential data, for example, a bank website
• Phishing – An email that looks like it is from a legitimate organization or person, but is not and contains a link or file with malware
• Scams – Fake deals that trick users into providing money, information or service in exchange of the deal
• Spoofing – Deceiving computers or computer users by hiding or faking one’s identity. Email spoofing utilizes a sham email address or simulates a genuine email address.
The Federal Bureau of Investigation recommends the following preventive measures:
➢ Do not store any information you want to protect on any device that connects to the internet
➢ Always use high security settings on social networking sites and be very limited in the personal information you share
➢ Use anti-virus and firewall software
➢ Change your passwords periodically and not use an old one. Do not use the same password for more than one system or service. Someone who knows your email password may also gain access to your online banking information if the password is the same.
➢ Don’t post anything that may embarrass you later or don’t want strangers to know
➢ Verify who you correspond with. It is very easy to fake identities over the internet
➢ Do not automatically download or respond to content on a website or in an email. Do not click on links in email messages claiming to be from a social networking site. Instead, go directly to the site to retrieve messages
➢ Only install applications or software that come from trusted, well-known sites. “Free” software may come with malware
➢ Disable Global Positioning System (GPS) encoding. Many digital cameras encode the GPS location if a photo when it is taken. If that photo is uploaded to a site, so are the GPS coordinates, letting others to know the exact location
➢ Avoid accessing your personal accounts from public computers or through public WiFi spots
➢ Monitor your bank statements, balances and credit reports
➢ Do not share usernames, passwords, social security numbers, credit cards and bank information
➢ Do not provide information about yourself that will allow others to answer your security questions – such as when using “I forgot my password” feature
➢ Be thoughtful and limit personal information you share such as job titles, locations, hobbies, likes and dislikes, or names and details of family members, friends, and co-workers
Hey, this letter may not be about trucking safety however, I wanted to share some “Cyber-Safety” with you. Please share this information to keep your friends, loved ones and business associates aware of this cyber-threat.