In this article:
In this article:
Are you unknowingly giving scammers or predators your personal information? Learn how to identify social media privacy risks and secure your accounts.
In this article:
In this article:
According to a recent survey, 81% of Americans say they’re concerned about their privacy on social networking sites [*]. Yet, the privacy risks of using social media are a nightmare that most users choose to ignore — until it becomes a reality.
That’s what happened to families in Arizona, when a local man used location data on Snapchat to stalk and spy on young girls in the area [*].
The scary truth is that:
Scammers can use the information you freely give out on social media — your posts, profile, and behavioral data — to spy on you, scam you out of money, or steal your identity.
Even worse, data protection issues and privacy loopholes mean that you (or your kids) are likely sharing personal data without your knowledge. But how much danger are you putting yourself in just by using social media? And is there a way to stay social and safe at the same time?
In this guide, we’ll share the most common online privacy risks, and explain how to keep your sensitive information safe from cybercriminals who are searching your social media accounts.
{{show-toc}}
Social media privacy refers to the personal and sensitive information that people can find out about you from your accounts. This information can be purposefully shared (such as in public profiles and posts) or unknowingly shared (such as the data sites share with other companies and social media marketing agencies).
But while most people are concerned about what companies know about them, the bigger danger is what scammers and fraudsters know — and how they can use that information.
According to the Federal Trade Commission (FTC), one out of every four fraud victims was targeted on social media last year, leading to losses of $770 million [*].
“One out of every four fraud victims was targeted on social media last year, leading to losses of $770 million – Federal Trade Commission”
Even with your account set to private, advertisers and scammers can gain access to your sensitive data in the form of:
What’s even more worrying is that some social media sites (like Facebook) collect user data about people who don’t even have an account [*]. These “shadow profiles” are typically used to target you with ads on other connected sites.
But what can happen if unscrupulous users gain access to your personal information?
The more information you share on social media, the more you put your identity, accounts, and finances at risk. Here are the most common social media privacy issues that you need to know about.
Many people unknowingly post personal information that could give hackers clues to their passwords or security questions — for example, posting about your hometown, pets, elementary school, or extended family.
Scammers either use this information to try and brute-force their way into your account or employ social engineering attacks to trick you into providing your password.
In many cases, scammers don’t even need to trick you into giving up your passwords or account information. Leaked social media account information sells on the Dark Web for as little as $25 [*].
📚 Related: How To Keep Your Kids & Teens Safe on Social Media →
If your social media accounts aren’t set to private, you can receive messages from anyone — even scammers trying to get you to click on malicious links. Last year, 12% of all clicks to fake phishing websites originated on social media.
Fraudsters also regularly use social media to run romance scams and investment fraud schemes. In the past few years, the brutally-named “pig butchering scam” has run rampant on social media, costing victims over $10 billion.
📚 Related: The Worst Social Media Scams of 2023 (and How To Avoid Them) →
Many social media sites include location data by default — such as on photos or posts. This data can be used by stalkers, scammers, or even thieves to track your movement.
📚 Related: How Can Someone Track Your Location? (And How To Stop Them)
Scammers need surprisingly little information to steal your identity. And often, the starting point for identity theft can be publicly available information on social media.
Scammers can use your name, address, or phone number to target you with phishing scams — or look up more sensitive information about you that’s for sale on the Dark Web. With just your main email address or phone number, scammers can find any leaked passwords, credit card numbers, or even your Social Security number (SSN).
Social media companies regularly change their policies and features — and some of those changes can cause serious data privacy issues.
For example, in some cases, posts you share privately with friends or in private groups can be shared publicly without your permission. And if your friends don’t follow the same stringent social media privacy settings that you do, this information could be accessed by anyone — even scammers and employers.
📚 Related: The 11 Latest Facebook Scams You Didn't Know About (Until Now) →
Your social media profiles may seem personal, but 70% of employers say they use social media to research candidates during the hiring process [*]. Even worse, 57% say they found content that caused them not to hire a candidate.
“Doxxing” occurs when hackers or bad actors purposefully share personal information about you on the internet in order to cause harm — for example, someone sharing your phone number or home address so that others will harass you. The more information about you that is publicly available, the more likely you could be “doxxed” if targeted by hackers.
For kids, teens, and even adults, social media can be a source of bullying and emotional and psychological attacks. A public account gives cyberbullies easy access to target you with messages and malicious posts — as well as access to your personal information.
📚 Related: How To Prevent Cyberbullying →
Fraudsters create fake social media profiles to try and lure you into fake online relationships — and then ask you for cash, gift cards, or personal information. Romance scammers on social media can use your personal information to craft the perfect scam designed to ensnare you.
Many people use social media logins (such as “Log in with Facebook”). But while these services are convenient, they can expose your personal information to companies or apps that might not have the best digital security in place.
📚 Related: How To Stop Websites From Tracking Your Personal Information →
If your account is set to public, scammers may send you malicious links via direct messages. These messages often seek to create a sense of urgency by using one of these methods:
If you click on any links in these types of messages, you’ll either infect your device with malware or be taken to what looks like a login page for the social media site. But in reality, it’s a fake website designed to steal your username and password.
Finally, all of your activity on social media contributes to your online footprint — the trove of data that advertisers use to target you with ads. Unfortunately, in many cases, anyone can purchase this information from data brokers, putting you at risk of scams, or an onslaught of spam calls, texts, and emails.
Unfortunately, there’s only so much that you can do as an individual to protect your private information on social media.
Some of the biggest risks are outside of your control, like if a social media site is hacked. In the last four years, Twitch, Linkedin, Facebook, Twitter, and Quora have all been hacked — with millions of passwords and other account information ending up on the Dark Web.
The easiest way to see if your data is available to hackers is to use Aura’s free Dark Web scanner. Aura scans known Dark Web forums and sites for your email address to alert you of compromised accounts. Find out if your social media accounts are at risk →
It’s important to keep your data private on social media. Here’s how to update your privacy settings to protect yourself, your family, and your personal information.
Facebook has been in the hot seat for quite some time regarding privacy laws and leaks, including the Cambridge Analytica scandal and the 2018 data breach that impacted 530 million users [*]. Without the proper settings, your Facebook account could be hacked or abused.
📚 Related: How To Recover a Hacked Facebook Account →
A public Instagram profile gives people access to your name, location, and contact information (if business settings are enabled). Ireland’s data privacy regulator recently filed a $402 million fine against Instagram [*] over a loophole that allowed children to open public business accounts.
📚 Related: The 10 Biggest Scams Happening on Instagram Right Now →
Few Twitter users understand the privacy implications of their feed. According to a Pew survey, 65% of users believed their Twitter accounts were set to private [*]. But in reality, 92% of those people actually had their accounts set to public.
📚 Related: How To Properly Set Up Your iPhone's Privacy Settings →
TikTok has quickly become one of the most used social media platforms. While TikTok doesn’t offer as many opportunities to accidentally share private information, it’s still important to update your privacy settings to help prevent phishing attacks and other scams.
📚 Related: TikTok Parental Controls: How To (Safely) Set It Up for Kids →
LinkedIn is a powerful tool for building your professional network. But it can also expose some of your most sensitive information — including your name, occupation, and contact details.
The Federal Bureau of Investigations (FBI) recently issued a warning against a LinkedIn threat wherein criminals have been making fake, yet convincing, profiles in order to promote fraudulent cryptocurrency investments [*].
📚 Related: How To Spot a LinkedIn Job Scam (11 Warning Signs) →
Snapchat is known for its temporary messages. But scammers can still target you — even if your messages disappear. The biggest privacy threats on Snapchat are your viewing settings and location tracking. If left in default settings, these can be used by scammers, predators, and other people looking to harass you online.
📚 Related: Don’t Fall For These 7 Sordid Snapchat Scams →
You might not think of your Google account as a social media service. But platforms like Google Maps, Hangouts, YouTube, and Gmail offer similar functionality (and privacy concerns) to other social media apps.
Even more dangerous are all of the third-party apps that you log in to using your Google account. If any of these accounts are compromised, your personal information could be at risk.
Similar to Google, Microsoft accounts are often used to log in to third-party applications, like Skype. Cybercriminals can gain access to your Microsoft login details through these apps if you're not careful.
📚 Related: Is Norton Privacy Monitor Assistant Worth It? →
Apple iCloud accounts are often used by iPhone and Mac users to back up and share private files. This can include images, videos, geographical locations, and contact details. These details can leave Apple users open to hacking, malware and virus risks, and may even present personal security and safety concerns.
Ultimately, staying private on social media isn’t just about changing your settings. You also need to change how you use social media.
Here are 10 tips to help you keep your social media profiles secure and private:
Social media will always be a balancing act between privacy and promotion. The more public you make your personal information, the higher risk there is that you’ll be targeted by scammers and hackers.
Keep your accounts safe by using strong privacy settings, and protect yourself from scammers with Aura’s comprehensive identity theft protection service.
Editorial note: Our articles provide educational information for you to increase awareness about digital safety. Aura’s services may not provide the exact features we write about, nor may cover or protect against every type of crime, fraud, or threat discussed in our articles. Please review our Terms during enrollment or setup for more information. Remember that no one can prevent all identity theft or cybercrime.