Overview

Social Networking sites have become an integral part of our lives in today’s generation. It plays a major and dominant role in our day-to-day life and the impact it creates on people is huge. From chatting with our loved ones to promoting our businesses online, social networking sites have made our lives easier to a much extent.

Most social networking sites offer features such as chatting, creating profiles, letting users post their interests etc. We tend to share every bit of information about us on social media, without even caring about the security and privacy aspects of it. We are living in an illusion that we share so much information on social media and we still are secure and have a private life. But, one of the most serious issue we must address immediately in this context is the privacy and security of our sensitive information. The data can be used by the attackers to harm users and hence it becomes very essential for users to protect their online content.

The data and information present on social networking sites are used in economic, social and geographic analysis and thus give meaningful insights. But publishing of those analysis can create security threats and users sharing their sensitive and personal information may face privacy breach. Users must be aware of such threats and that’s why reading the terms and conditions of the social platforms become very necessary which most of the users avoid. Most of the social networking sites like Facebook keeps tracks of all the activities that you do in offline world which are not even shared on the platform. Hence, in such cases it becomes very important for users to take the responsibility and protect their privacy.

Why privacy on social networks is so important?

Privacy of information is referred to as data privacy or online privacy. Online privacy means to browse the internet without having to worry that someone can snoop on your online activity for their own profit and steal the information that we share.

It is an element of online security which is responsible for the following aspects:

• What data is acquired

• How data is collected and stored

• Whether or not data is shared with third parties

• Regulatory restrictions

Data privacy should be valued in the same way we handle confidential issues in the real world. Most of the information on the internet seems to be free, but it comes at the cost of our privacy. Whether you are watching videos on YouTube or using social networks like Facebook or twitter, even visiting a website means you are sharing data about yourself. Hence some online entities gather and store your information.

Privacy is important for various reasons. Sometimes the information you share with one site/platform may also share your personal information with third parties. You don’t want your personal information to be shared with everyone. You don’t want to share your details with strangers and it’s very difficult to be sure what personal information is gathered and by whom.

The information that third parties gain from the users can cause harm and can cheat the users in just a matter of time and users will find themselves in a big trouble if proper precautions not taken. Hence, this is why privacy is so much important for users and one must protect it any cost.

As much as businesses and platforms have the responsibility to secure the data of their users, users also have an equal responsibility to protect their privacy.

The biggest social networking privacy issues:

1) Cookies

Cookies are one of the biggest threats to our privacy. Cookies are fragments or piece of information that are saved in our browsers whenever we visit any site. It is done to track the users and their activities to customize the browsing experience.

Cookies are basically a code that tells website our browsing history and this helps to remember the user when the same user visits the site again. Cookies can help the sites by remembering the following information about the users:

• Login details
• Preference settings
• Language settings
• Ad settings
• Identification

You might have experienced that, the product that you were searching on flipkart or any ecommerce store, suddenly all the websites started showing ads about that product without even searching or telling to other sites that you need that particular product.

Ever wondered, how come you are receiving ads about those products as if someone is tracking you or knew what you are looking for? Well, this is because of the cookies that are stored in your browsers.

Cookies store all the information that you browse and keep track of your online activities, which help the sites to customize your browsing experience. They monitor your browser and personal data which other sites may also access or when any third-party ad serving is involved and thus your privacy can be harmed. When you visit a site, your browser has collected information from various sites and sources which dictates the ads you see and which means that you are tracked and your privacy needs to be protected.

2) Cloud Data

You might have used some cloud services to access your remote data anywhere anytime and you might feel that you are safe and your privacy is protected.

But that’s not how it goes. If you have used email services or kept files on google drive or uploaded some sensitive information like credit card number or some private records, whatever you set up there can be retrieved by somebody else and your privacy faces a threat.

3) Search engines user tracking

Search engines not only track what you’ve been looking for but also log information about what sites you often visit. Search engines can collect the following: -

• User’s search history
• IP addresses
• Cookies

This information collectively can be used for compositing a user’s persona based on shopping, browsing and social media preferences.

Precautions

Some of the precaution’s users can take to maintain a certain level of privacy on social networking sites are listed below:

• To go through the privacy settings of your account and change it as per the needs.
• To make sure read all the terms and conditions before accepting anything.
• To stop posting each and every information about them on social media which may put them in trouble.
• Create strong passwords for your account and change the passwords frequently.
• Turn off the location or put false location, since some social networking sites keeps track of your activities even in offline world.
• Use DNT (Do Not Track) setting on your online browsers. When you enable it in your browsers, you are telling the websites and third parties that you do not want to be tracked.
• Use cookie-blocking browser extensions which will help keep tracking and especially third party information.
• Browse in incognito mode. Incognito mode is also known as private browsing which means that your online history isn’t tracked or stored.
• Make sure to secure your devices and use antivirus software. Run it regularly and make sure you carry out frequent scans.
• Empower yourself with relevant information and learn about Internet rights.

Security in social networks

Social networks have brought a significant impact in our lives. A Social Network Service (SNS) is a kind of web service that establishes a virtual connection between people with similar interests, hobbies, background and activities. It allows people to make friends and expand their connections. SNS allows users to share data which is another key feature where users can post photos, videos, blogs or any kind of post to showcase their network. A common example of such SNS is Instagram where people can upload photos/videos or any kind of posts on their feed and their network will be able to see it and like and comment on their posts. Instagram have become a desired media of communication nowadays for billions of online users.

Brands promote their business and gain a lot through their marketing and advertising campaign. SNSs can be very beneficial for users since they have such key features which make their lives easy and comfortable. But, with the popularity of SNSs, there is also a high risk involved. SNSs such as Instagram, Facebook allow billions of users to share their personal information. There are many security threats in SNSs which can put user’s shared data at risk and can potentially trouble them. Security is a service that ensures that protecting information assets through the use of technology, processes, procedures and training. User’s information is being tracked and illegally used by malicious users and third parties for their own gain. The large amount of information that users share make them a desirable target for attackers. Attackers can easily access user’s personal sensitive information and can carry out many attacks such as spam, malware, social bots and identity theft.

The wide age range and technology experience level of SNS users makes security management even more complex. The threat from hackers, malicious users and cybercriminals has increased in relation to our dependence on the SNSs. A sophisticated attack can compromise the enterprise networks. The attacks can range from account hijacking, fraud and impersonation attacks to malware distribution.

Let us look at some of the security threats that attackers commonly use to harm users.

1) Identity theft

Identity theft refers to stealing another person’s identifying information or personal financial documents like credit card or bank account in order to gain access to his financial resources or obtain access to other benefits such as insurance benefits, money or credit. It is serious crime which can have severe consequences.

Once the identity of victim has been stolen, the attacker uses the information to access the victim’s financial resources and often the victim doesn’t even realize that the crime has been occurred. Hence, it is very much important that each user using social networks must have an identity theft protection plan.

2) Spoofing

Spoofing is an act of impersonating other users or systems to obtain the privileges and other assets. It involves stealing accounts, guessing passwords to access the systems. Spoofing attacks come in many forms, some of which are as follows: -

• IP spoofing
• Email spoofing
• Website or URL spoofing
• Caller ID spoofing
• Man-in-the-middle attacks
• GPS spoofing

Spoofing generally occurs when the victims have compromised with their privacy. If you never doubt the legitimacy of a website and never suspect an email or messages of being faked, then you are likely to become a victim of spoofing attack at some point.

To protect against spoofing, make sure to turn on your spam filter which will stop the majority of spoofed emails from making it to your inbox. Don’t click on links or attachments in the email if the email has been sent by an unknown sender. Always login through a separate window or tab and navigate the site directly. Also, investing in a good cybersecurity program will be able to alert you to the threat and prevent malwares from getting entered in your systems.

3) Phishing

A phishing is an attack in which malicious users or attacker send messages to a user pretending to be a trusted person or entity. They manipulate users causing them to performs action like installing harmful or malicious files or applications, clicking harmful links to gain access of personal sensitive information of user. The messages are sent via emails, SMS services or messaging applications. Email phishing, smishing and vishing are some of the common types of phishing. Often phishing attacks mimic calls or emails from large companies like IBM, Amazon, Microsoft and government offices.

Following are some ways through which you can prevent phishing attack:

• HTTPS Webpages: Https websites are secure and they are less likely to be phishing web pages. Also, running network attacks on such secured websites is more challenging than usual.
• Email authenticity: One must always check the sender’s address of the email they have received. Always make sure to cross check the sender and the contents of email which asks for a private sensitive information.
• Anti-Phishing extensions: There are many free anti-phishing extensions available like Netcraft and CloudPhish which scan your emails to check for known vulnerabilities that can lead to phishing attacks. Adding such extensions in your browsers makes easy to filter out most phishing emails without users having to do any manual work.

These were some of the common attacks often used by attackers to break security. But, apart from these there are many more advanced threats that attackers use to harm users. The image below lists all the types of attacks subsequentially used by the attackers to violate security.

After having a detailed discussion on security and security threats, now let us look at the preventive measures’ users must take to ensure the security of their account. Below is the list of few security precautions one must take: -

• Setting strong passwords: Always make sure to set passwords which are complex and difficult to predict. Don’t set such passwords built using the information that is easily accessible from your account (e.g., phone no, birth date)

• Reveal less about yourself: Don’t reveal too much information about yourself in the posts. By doing this, you are sending direct invitation to attackers by revealing so much information and malicious users can easily gain the identity information. Avoid posting your future plans and ideas.

• Hover on the link before navigating: Shortened URLs are mostly being used nowadays to limit the size of long URLs. It can trick users into visiting harmful sites which can ask your personal sensitive information. So before clicking on shortened URLs to avoid being hacked make sure to hover on the URL before actually visiting the site and it will show the complete URL and you will get an idea that where the full URL actually points. Also, there are some services available like URLVoid and MYWOT which check the safety status of the link.

• Clear cookies: Cookies are one of the major threats which can violate the security. They are the major loophole in the entire scenario. As discussed earlier, the job of cookies is to track the user activity as we browse the internet and navigate from one site to another. To avoid being tracked, most sites provide an option to opt out of the tracking feature. Also, make sure to clear the cache and cookies on your browsers regularly in case you don’t find the option to opt out of tracking feature. Alternatively, you can also browse in incognito mode which doesn’t store user history and you can prevent yourself from being tracked.

• Multi-Factor Authentication:

It is a simple yet most impactful and effective defense against hackers. A bruteforce attack can reveal our passwords and our identity can be stolen. Hence, it’s important that there’s some other means of authentication also on top of passwords.

A common practice is to ask the users to further authenticate by clicking on the mail sent to registered email address or entering the one- time password (OTP) sent on user’s registered mobile no. You own the phone and email account; hence you will be saved and hackers won’t be able to access your account. Hence, multi-factor authentication protects you and data security by making hacker’s job much difficult.

Summary and Conclusion

The increased popularity of social networks and its usage have made us over dependent on them. As much as social networks has its advantages and popular features, we must not forget its disadvantages and the threats that occur regularly due to it which can destroy our lives just in a seconds or minutes. Hence proper precautions and preventive measures become so much essential to reduce the harmful effects. Remember that whatever information you post on the internet, even after deleting it the internet never forgets that information. Even the providers of social network have complete access to its user’s information. Hence, whenever you sign up on any social network always make sure to read terms and conditions properly before agreeing. A simple “I agree” without reading can bring unwanted surprises in the future and may trouble you if you are not aware about the agreement that you have accepted. Hence, it’s very much important that you are aware of all the terms and conditions of it before using it. According to research, many advanced technologies like Blockchain, Deep learning, Artificial Intelligence, Image Recognition can be implemented to tackle the security and privacy problems of social networks. But that being said, no matter how strong the security is, it’s equally important that users start becoming responsible for their own privacy and security. Ultimately technology is like a double-edged sword and we must utilize it properly, else it can prove to be a bane to mankind.