My telephone rang earlier this week and much to my surprise it was a reporter from our local ABC television station here in Tampa asking me if he could interview me for a story he was doing on hacking and phishing on Facebook.
I was surprised and asked him how he found me – he found me here. Right here on my blog site. He googled certain words that brought my blog about problems with security on social networking sites right to the top of the list. No surprise here, I am always on the top when it comes to my blogs because my key words are great. I am not going to stop to define key words at this point. If you blog, you know what key words are. If you blog and do not know what key words are, shame on you. Your blog is probably at the bottom of the google list.
We had fun doing this interview. I was asked to read the email I had received from a friend who was allegedly in London, England needing cash and from there we did a face to face interview.
Until I see the actual piece on TV I will not know the whole story as to improving security on any social networking site, but I do know this. Prior to coming to my house, the team had interviewed a computer expert. It all comes back to passwords-none of us use passwords that are strong enough to keep the bad guys out. It is very easy to crack a password and we make it easy too.
I recently signed up for a site that would not allow me in until I had a password they approved of, when they said use upper and lower case letters, add numbers, add punctuation, add underscore, they were not kidding. My normal every day password looked like Egyptian hieroglyphics and there is no way I can memorize it, so now I carry it around tucked into the insole of my shoe so I can get it out when I need it.
Just kidding, but the truth is, we need to do just that. No I am not talking about hiding your password somewhere on your person. I am saying that all passwords need to have all those components. More bad news, they need to be changed every 30 days.
I think sites like MySpace and Facebook do not go the extra mile to stress the importance of setting up a “dummy” email account and requiring certain password configurations. They could, a simple medical site did it, and I jumped through those hoops to join them.
Do not be like my friend and use your business email or personal email as your sign in to the social networking site. Her email provider was Yahoo. As soon as she reported her email had been compromised Yahoo shut her down as a compromised site. She lost over 3000 email addresses of business acquaintances, she lost her credibility and she lost money and future income.
As the interview wound down we came to one conclusion, we cannot believe how gullible we all are. Would we invite a perfect stranger into our home? No, of course not. Then why so we allow perfect strangers into our computers? Why are people allowing applications of games, hearts, angels, hunkie guys etc to collect information from their Facebook site? Those are perfect strangers people – how many branches of the dumb tree did you hit as you fell out of it? Come on- while I think social networking can be fun, and while I know it is here to stay, I also know that danger is lurking around every corner in the disguise of applications, notifications with the Facebook logo, as bored 13-year-old kids with nothing better to do, as Chinese, Nigerian, and Russian hackers waiting for you to use your initials and your date of birth as your password. Come on—-let’s get more creative here.