securing your facebook identity nicholas a. davis, cisa, cissp uw-madison division of information...

Securing Your Facebook Identity Nicholas A. Davis, CISA, CISSP UW-Madison Division of Information Technology 06/13/22 UNIVERSITY OF WISCONSIN 1


Post on 04-Jan-2016


TRANSCRIPT

Page 1: Securing Your Facebook Identity Nicholas A. Davis, CISA, CISSP UW-Madison Division of Information Technology 11/10/2015 UNIVERSITY OF WISCONSIN1

Securing Your Facebook Identity

Nicholas A. Davis, CISA, CISSP
UW-Madison Division of Information Technology

04/20/23 UNIVERSITY OF WISCONSIN 1


!!Advisory!!

The content of today’s presentation is designed to help people protect themselves on Facebook. This is NOT a session on Facebook hacking. If hacking Facebook is your motivation for attending today’s session, please leave now.


Overview

- Basic rules of Facebook security
- Unique situation on UW-Madison campus (academic research poses a unique Facebook challenge)
- Why unauthenticated identity means “be careful”
- The dangers of Facebook photos
- Application settings and security preferences
- Facebook passwords
- Time and place concerns
- Roaming security
- Account cleanup and maintenance
- Tips and tricks
- Q&A session


Basic Rules of Security

1. Think before you post
2. Customize your privacy settings
3. Don’t accept friend requests from people you do not know
4. Keep sensitive information private
5. Remember, being on Facebook means that you are living like a rock star! (kind of)


Research Lab Example


Meet Flat Cow

We will be using Flat Cow, known to his friends as FC, in a few slides


Wait, Cows Can’t Be On FB!
Unauthenticated Identity


Organize Friends In Lists


Photos Tell Stories (Not Always Safe Ones)


Photos Tell Stories (Not Always Flattering Ones)


Keep In Mind

- Don’t get yourself into a situation in which such pictures can be taken
- You have little to no control over who takes your picture in public
- Think about the stories your photos tell about you
- Exercise control over pictures of you tagged by others


Automatic Updates
Take Control!


Don’t Advertise Yourself


You Can’t Control Your Friends
But You Can Control Their Applications


Don’t Let Your App Excitement Obscure Your Judgement


Keep The Stalkers At Bay
Change Search Visibility


Get Your Facebook Profile Out of Google


Tips To Keep You Safe On Facebook

Change your Facebook password often


Facebook Is a Prime Target For Password Hackers

Never use the same password for Facebook as you use for your bank access


Examine Photos Before You Post

Avoid posting photos with identifying information, such as addresses, license plates, etc.


Don’t Advertise Your Absence

Post vacation pictures AFTER you get home


Browse Facebook Securely When at Starbucks (HTTPS)


Remove Facebook Apps Which You Do Not Use


Use Privacy Settings To Block People


Check the Facebook URL Often


Know The Difference Between Deactivating and Deleting Your Facebook Account

- Deactivating your account leaves all posts and pictures intact
- Deletion is supposed to remove everything
- Don’t log in after you request deletion


The Facebook Doppelganger Spy

“But Flat Cow is already my friend”


Three Strikes and You’re Out!

Don’t Be a Friend Pig


How Liking Things Could Take Advantage of You


Facebook Security Best Practices

http://www.sophos.com/en-us/security-news-trends/best-practices/facebook.aspx


Carnival Cruise Scam
Just One Example

Message purporting to be from "Carnival Cruise" claims that Facebook users can win an all-expenses-paid vacation package by liking and sharing a promotional image and clicking a link to apply for the free tickets.

http://www.hoax-slayer.com/facebook-related.html


Enable Login Notifications

Login notifications are an extra security feature. When you turn on login notifications, we'll send you an alert each time someone logs into your account from a new place.


A Note About UW NetID

- Your NetID is like your toothbrush, only you should use it
- UW-Madison will NEVER ask for your NetID and/or password via email
- Report any such requests to [email protected]


Q&A Session

Nicholas Davis

[email protected]/nicholas.a.davis
