For many people around the country, this is the sixth week of being home. During that time, social media sites like Facebook have unsurprisingly seen surges in user traffic since becoming one of the primary ways to stay in touch with family and friends during the pandemic.
While finding out what your third cousin’s top five all-time TV shows are or seeing your grade school BFF’s senior portrait can be comforting, it can also be dangerous. Tap or click here to find out why sharing your school photos is a bad idea.
It’s no secret that Facebook has a long history of putting its users’ privacy at risk. And now as more people are relying on the service, your personal information could be at risk once again after more than 260 million user profiles are listed for sale on the dark web.
Are your personal details up for sale?
Facebook has already proven it doesn’t care about your privacy. The social media giant has been caught sharing your private data with third-parties and app developers multiple times over the past year. Tap or click here for details on its most recent privacy breach.
In those incidents, data was supposedly shared for marketing purposes. But the latest scandal is much more devious, as a database containing roughly 267 million Facebook profiles has been found listed on the dark web for just over $600.
Researchers from cybersecurity intelligence firm Cyble discovered the database and actually purchased it to verify that the data is real. Unfortunately, it is, and most of the profiles in the database are from users in the U.S.
Many of the records contain the following information:
- Full name
- Date of birth
- Unique Facebook ID
- Phone number
If there’s any good news, it’s that none of the stolen data contains passwords. However, that doesn’t mean it’s not useful to cybercriminals. With this cache of information, a scammer could perform spear-phishing or SMS attacks that could result in unsuspecting victims handing over their credentials or worse.
You might see emails or receive texts that appear to be from Facebook, for example, asking you to verify your credentials or other sensitive information. Since the scammers behind these attacks could have some of your personal information already, they will use it to make the messages appear official. Don’t fall for it!
It’s unknown how all of this personal information was collected at this time. However, it’s possible that the data was leaked by third-party API or scraping.
What is Facebook scraping and how to block it
You may have heard the term Facebook “scraping” before but don’t know what it actually means. It’s pretty simple, really. Scraping is when bad actors scour the internet looking for personal information that isn’t protected.
Scraping can happen on any social media site, not just Facebook. Having personal details like your date of birth, phone number and more listed as public leaves you open to the possibility of being “scraped.”
If you’re worried about this sort of thing happening in the future, and you should be, you can adjust your Facebook settings to stop bad actors from scraping your data. Here’s how:
Facebook mobile app
- Open the Facebook app on your smartphone and tap on the three-line icon on the bottom right of the screen.
- Tap on “Settings and Privacy,” then “Settings.”
- Scroll down to “Privacy Settings,” then adjust who can see future and past posts to only friends.
- The same goes for who can see the people, Pages and lists you follow.
- Double-check your changes by tapping on a section at the top called “Check a few important settings.”
- Click on the dropdown arrow on the top right of the browser window.
- Click on “Settings” and then “Privacy.“
- Under “Privacy Settings and Tools,” change all settings and options from “Everyone” to “Friends.”
How to protect your personal data
Your first line of defense, and not just on Facebook, is account passwords. It’s critical that you create strong passwords for your online accounts. The days of using password123 or QWERTY are over.
Also, make sure that every online account has a unique password. If you’re using the same one for multiple accounts and one site has a data breach, all of the accounts that you’re using the password for are at risk. Tap or click here if you need help coming up with secure passwords.
Have any of your passwords been stolen?
Speaking of data breaches, there are ways to find out if you have any accounts that were exposed. One option is Have I Been Pwned, which is an easy-to-use site with a database of information on breaches that have released publicly. It monitors hacker sites and collects new data every five to 10 minutes about the latest hacks and exposures. Tap or click here for details on how to use this helpful tool.
Another way to check the security of your passwords is with Google’s Password Checkup extension. When the extension is installed, it automatically scans passwords as you enter them to log in.
If one of your passwords turns up on a list of exposed passwords, you’ll receive an alert to change it. You’ll also receive some suggestions on how to make your new password more secure. Currently, this extension is only for Chrome users. Tap or click here for details on how to install and use it.
Despite the fact that Facebook continues to have serious security and privacy issues, the site still has more than 2 billion active monthly users worldwide. It appears that we just can’t quit Facebook no matter how terrible it treats us.
If you are fed up with all the skullduggery and are finally ready to delete your Facebook account, it’s a simple process. Tap or click here to find out how to delete it.
Lockdown your account
As we said earlier, Facebook is riddled with problems. If you insist on keeping your account active you should make sure it’s secure as possible. Tap or click here for privacy settings you need to use for Facebook.