If you're the type of person who tweets while on vacation or brags about your new toys on Facebook, you'd better post some photos of your guard dogs as well.
Criminals are becomingly increasingly adept at ferreting out information from online sources when searching for people to defraud, said Ondrej Krehel, information security officer at Arizona-based Identity Theft 911.
Most people don't think about identity theft when they're updating their social networking profile because they don't store financial data on such sites. But letting your guard down on such sites as LinkedIn, MySpace, Twitter and Facebook could be costly for you and your friends, Mr. Krehel said.
Facebook's privacy breach last week serves as a reminder of the potential dangers of social networking. Canada's Privacy Commissioner expressed "major concerns" after Facebook's application makers leaked the personal information of tens of millions of users to Web trackers and advertisers.
One common Facebook scam is for a criminal to track a victim's online behaviour, hack into his social networking account while he's on vacation, then use the victim's profile to tell his friends he has been robbed and needs a money transfer.
"It happens quite often, more than you'd think," Mr. Krehel said. Hackers sell stolen Facebook passwords online for as little as 25 cents each.
Sharing images and videos online can also make you vulnerable, Mr. Krehel said. BlackBerrys, iPhones and many high-end digital cameras are GPS-enabled and can record so-called metadata on image and video files, which can reveal when and where the files were captured, leading thieves straight to your home. While some websites will automatically strip out this information, you need to be very careful when sharing photos and clips online.
Mr. Krehel identifies several steps to protect your identity online:
Avoid quizzes and apps: They're fun and they're free, but they share your personal information with marketers, tracking companies and who knows what else.
Use "strong" passwords: Passwords should include numbers, letters and symbols and should be changed regularly. Use different passwords for your social websites, personal life and financial life, so that if one of them is breached, the rest are still secure. If you can't remember all your passwords, use a secure program for their storage, such as Password Safe.
Keep a close circle of friends: Don't accept friend requests from strangers in a misguided attempt to pad your social network numbers. Once these people befriend you, they can post malicious links on your page, compromise your computer's security and spread viruses to all your friends. They can also gain access to your whole mailbox, including e-mails from financial institutions.
Surf at home: If you're using a public computer, don't expect any privacy. You don't know how many viruses are on the computer, who's controlling it or who could be copying your information.
Beware of links and images: Hackers often use pictures of celebrities to lure their victims; clicking on such links allows hackers to install malicious codes on your computer. A recent study found that organized criminals create approximately 8,000 malicious websites every day.
Secure your mobile device: If you use social site plug-ins on your cellphone, turn on some basic security features and add a password. If you lose your phone, your online identity is not left open to whoever happens to find it. If your phone has a camera, consider turning off the metadata or geotag function. Check your phone's manual for instructions.