Tuesday, June 14, 2016

Spoof Proof Yourself On Facbook

Spoofing is rampant on Facebook these days.  What is spoofing, you ask?  It’s when someone creates a Facebook account using your exact name and in many cases, your current profile and cover photo.  They then send friend requests to your current friends who may or may not accept said request.  If they do, they are then subject to private messages from “you” extoling some great marketing idea or how to get free money or whatever.  Usually, this sends up a red flag to your friend and they track you (the real you) down as ask, “What the…?” and you then  realize you’ve been spoofed.  Or, the Spoofer simply goes through your friend list finding those who don’t have secure privacy settings and starts  spoofing them.  Or, they do both.  It’s a mess.

How can they do this?  Because more than likely your privacy settings are allowing THE PUBLIC to see what you are posting, including your pictures, your friends lists, etc.  Also problematic; if  you “Like” or comment on a friend’s post or picture or link or whatever and they haven’t set their privacy settings correctly, then your activity related to their post is now also, you got it, open to the public.  You cannot control what your friends do or don’t do, but what you can  do is to go through a  Privacy Checkup to ensure 99% of your activity (including your pictures and your list of friends, the primary targets of Spoofers) are protected.  And then beg and plead with your public-oriented friends to do likewise.

I’ll walk you through several steps to get you protected but before I do, a needed clarification.  In these cases your account HAS NOT BEEN HACKED.  The Spoofers do not have access to your real account (although it’s always a good idea to change your password on a frequent basis).  Yes sometimes  people do get hacked, but it’s not as frequent as the spoofing.  Doing what I am suggesting will help you in both regards.  Also, of course, having your friends contact you whenever they see something out of character seemingly coming from you is also very important.  Once the Spoofer knows “the gig is up”, they’ll move on to some other person whose account is dreadfully public.

Ok, here we go.

Step One:  Run a Privacy Checkup. 

This is where you can quickly monitor who can see your posts (posts means everything you post) as well as your app activity (games and  the like), view your activity log (posts you’ve liked or commented on) and, extremely helpful, view your  profile as the public would see it or even a specific friend.  Let’s go step by step here:

From your homepage (where you see your profile picture and cover picture) go to the far upper right hand side and click on the padlock icon.

Click on the top box Privacy Checkup.

This is where you want to ensure (as pictured here) “Who do you want to see your next post?” is set to FRIENDS.  If  you see a little World emblem here, it means all of your posts have up to now have been PUBLIC.

Click next and go on to the app screen.

Here you can do several things.  Ensure your activity using these various apps is set to  Only Me (or in some cases if you like to share stuff using these apps, Friends).  You can also scroll down and see how many apps you’ve accumulated (bet you’ll be surprised, I know I always am!) and remove those you no longer use/want.

After you hit next, it will take you to a final screen where you can check who can see your contact information, date of birth, etc.  I didn’t do a screenshot of this one ;-)

Once you’re done with that screen, hit finish up and it’ll tell you “Yay You’re Done!”

But, you really aren’t!

Go back up to the padlock icon and click on Who Can See My Stuff.

So now you should see that only Friends can see your posts (since you just changed it, right?  Right!)

Click on the next box, Use Activity Log.

Wow!  Everything single thing you’ve posted, liked, commented on, shared, etc., will pop up here. 

The important thing here is the emblems on the far right of each activity.   See my top one?  My friend has his privacy settings set to “Friends  of Friends”.  This means that friends of his friends can see whatever is posted on his stuff.  This isn’t as bad as seeing the world (which means Public) emblem but it still means a lot of people I  don’t know at all can see my input.  Thankfully, if any of them are potential Spoofers, they can’t spoof me!

You’ll see the rest are set to Friends.  Much much better.  I’m proud of you, Peri and Alberto!

Many I noted this morning were set to Public.  I won’t publically chastise you, but, it’s mind-blogging how many people allow the Public to see their stuff. 

Here’s a good opportunity for you (once you get your act cleaned up) to gently let your fish bowl friends know they are opening themselves up to spoofing.

Ok, onwards.

Go back to the Who Can See My Stuff to the the third box down, What Do Others See On My Timeline.  Click on View As.

Ok it’s a little small but it will bring up what  your profile looks to the public.  This is where you’ll find out how much clean up work you need to do!  Be prepared to be alarmed.

In my case, I have everything I possibly can set to Friends or Only Me.  So, the only thing the public can see is 1) My current  profile picture and 2) My current cover picture. You’ll note they cannot see any personal info, any other pictures or any friend information.

The only picture’s privacy settings that you cannot control is your current cover picture.  For whatever reason, that is always Public.  You can, however, go back and change your past cover pictures to Friends, which I’ll explain in a bit.

You can set your current profile picture to Friends and it’ll be visible to the public but not down loadable (about the best we can do, but, if you have all your other settings done appropriately, a Spoofer can’t do much with just your profile picture).

How do you change your picture settings?  It’s simple to change your future ones (you’ve already done it, remember?) but going back and changing all the pictures you’ve posted can be tedious but it’s worth it because, remember, Spoofers troll Facebook for public pictures.

Here we go.

Step Two:  Setting Pictures to Friends

First  make sure you current profile picture is set to Friends.  Here is a shot of mine (temporarily!) set to Public.  You can see the picture of course but also who liked and commented (thanks for the compliment, Cuz!)  You’ll note that the picture is also available to be share, send, tag, download, etc. This, friends, is a Spoofer’s dream.

Change the setting by clicking on the world emblem just under you name.  You should set it to Friends.

Now here is the same profile picture set to Friends.  Looks pretty boring, huh?  That’s a good thing.  

Another quick note on profile pictures.  ALWAYS check when you change your profile picture to make sure it is set to Friends.  For some reason, Facebook likes to (sometimes) default it to Public.

Now, on to a biggie, checking all of your posted pictures for their privacy setting.

Go up to the  area on your profile that says Photos and click on it.

Then click on Albums.

Here are all of your albums (including one for videos if  you have any of those).  See the little emblems on the bottom right?  

This is the privacy setting.  Hopefully you’ll see a lot of Friends emblems (e.g., my Mom and Me album) but you’ll likely see the Setting emblem on many, too (typically profile pictures, cover pictures, mobile uploads, timeline pictures, etc.)  Here is where it gets tedious so I suggest you do this when you have plenty of time and either a big bottle of wine or a Venti Starbucks.  You will have to open each album  and click on every single picture to view its privacy setting.  Every picture will have that setting indicated under your name on the upper right.  If you see Friends, move on.  If you see the world, that means it’s open to the Public.  Change it, and click on.

Note that going forward, now that you changed Who Can See My Posts to Friends, all pictures etc. should be set to Friends but it’s always a good idea to do a spot check from time to time.  You know, when you’re bored  or are getting freaked out because your friends keep getting spoofed.

And speaking of friends, that brings me to my final step in securing your privacy settings, set who can see your friends list to Only Me.

Step Three:  Protect Your Friends

Click on Friends.

Click on the eraser next to Find Friends and then on Edit Privacy.

Change both setting here to Only Me.

 This will do two things.

First, it will ensure that anyone viewing as Public cannot see any of your friends.

Second, your friends will only be able to see your mutual friends.  So, for example, I have 231 friends.  If you are one of my friends from church, you’ll only see listed those people you are also friends with.  It’ll say something like “25 Mutual Friends”.  This doesn’t mean you won’t see when the other 200 something friends comment on stuff I post, but access is somewhat limited.  This protects MY friends from getting spoofed if for some reason I fall off the security conscious truck and got spoofed myself.

I hope this has been helpful.  I don’t have all of the answers, but what I know, I’m willing to share!

Peace Out.

Mrs. B

No comments: