NCSAM: Why Social Media is a Weak Point for Your Online Security


Did you know that all social media accounts are not created equal?

In general, a social media account is a form of electronic communication through which people can create online communities to share information, ideas, personal messages, and digital content. However, there are categories of various types of social media accounts. According to, there are a grand total of ten types of accounts. Listed below are five of the most commonly used social media categories, along with some of the sites associated with each category:

  1. Social networks that allow you to connect with others –
    • Facebook, LinkedIn, and Google+
  2. Media sharing networks where you can share photos and videos –
    • YouTube and Instagram
  3. Discussion forums to discuss and share news and points of view –
    • Reddit, Quora, and Digg
  4. Bookmarking and content curation networks to discover, share, and discuss trending and new ideas –
    • Pinterest and Flipboard
  5. Consumer Review Networks to find, review, and share information on brands, products/services such as restaurants, retail stores, beauty salons, etc. –
    • Yelp and Trip Advisor lists the top three social media sites with monthly active users as: Facebook with 2,230,000,000 users; YouTube which has 1,900,000,000 users; and Instagram with 1,000,000,000 users. Combined active users total over five billion and includes a mix of users who use social media as means to find friends, to share information, and/or to learn and engage from and with others.

Unfortunately, social media networks have become a weak point for online security.

Aside from those who use social media sites for their intended purposes, there are bad actors who find these sites to be a treasure trove of information that is easily harvested and used for inappropriate and unethical reasons. In this technologically-advanced era we are living in, it is more important now than ever to learn how to protect your online information as efficiently and quickly as possible.

What do you need to be concerned about when protecting your identity and your content on social media sites?

Three key risks that you need to be concerned about are geotagging, the audience, and your identity: 

  • Geotagging: By using geotagging, you are inadvertently telling people where you are, where you work, or where you live. Disable geolocation if you don’t want people to know where you are, especially if it is a sensitive location.
  • Audience: Be sure you know who your audience is, and that only they can see what you post. You may have your privacy settings set to only share with friends or specific groups you’ve created, but who they choose to share it with is out of your control.
  • Your Identity: When adding personal information in order to create your social media profile, be cautious of what you provide and what you are willing to share. Social media can and is used as a research method for gathering identity information which can be used for identity theft, fraud, impersonation, and harassment.

What can you do to protect your identity and the information you’ve shared on social media sites you’ve subscribed to?

By following the quick tips below, you can strengthen the security and privacy for your social media accounts and prevent bad actors from accessing and using your information: 

  1. Be thoughtful and careful about the social network you choose. Research and evaluate its privacy policy and terms of use. If you will be providing personally identifiable information to this site, then use the same criteria and standards that you do when you select a reputable site where you enter credit card or financial information.
  2. View your account profile from the eyes of another. Most sites will have a “view as” feature that will allow you to see your public profile. You will be able to quickly tell if you are sharing information that should be private.
  3. Set strict privacy rules or settings. Review your privacy settings regularly. You can find this within the settings for your social media account. Ensure that all of your private information such as your date of birth, current location, address, workplace, etc. are private or are only visible to your friends.
  4. Be particular and selective with friend requests. If you do not know the person, do not accept their request. Also, the delete “friend” button serves a purpose – use it.
  5. Never assume anything posted is private. It’s a good idea not to post your date of birth, address, email address, phone number, or other identifiable data on a social media site. Also, ask your friends to remove sensitive data about you from their posts.
  6. Do not allow the site to collect the information contained in your contacts list or address book. You want to protect that information as well.
  7. Only click on links contained in posts with caution. Social media accounts are frequently hacked. Watch for language or content that is not similar to what your friend would post.
  8. Be wary of games and apps that offered through social media. These are often a way to collect information about you and your friends. If you have installed games and apps that you are no longer using – delete them. Do not respond to posts that ask to play a game by commenting who your favorite first grade teacher was, the street you grew up on, the name of your first pet, the make and model of your favorite or first car, your zodiac sign, etc. This information is often used for security questions and hackers use that information to gain access to your information.
  9. Understand hashtags. When you add a hashtag (#) to a post that you have marked as private, anyone who searches for that hashtag can find and see it.
  10. Regularly “house-clean” your profile. Remove any pictures, posts, comments, etc. that may be considered inappropriate or have reference to personal information. Re-evaluate the accounts and friends that you follow. Delete those who no longer are relevant. This is also true for accounts of those who have passed away – these profiles are easily hacked and misused.
  11. If using a public computer to view your social media accounts, always log off your account when you are done.
  12. Use strong passwords for your accounts. Never re-use the password for other accounts. If offered, take advantage of two-factor authentication.
  13. If you have installed social media apps on your smart phone, be sure to password or pin protect the mobile phone.

As social media sites grow and expand in popularity and use, so do the risks of using them. Hackers, spammers, identity thieves, and other bad actors will find creative ways to compromise and misuse your information. Don't let your personal information be compromised via social media!

For more information on social media safety and privacy, please visit:

If you have any questions about cybersecurity or want to learn more about how to stay safe online, please contact University of Miami's Information Security Office (ISO) at:

Click here or on the image below to download UMIT's NCSAM poster:

Feel free to print this poster and share it with your colleagues/peers!