Rose State College Cyber Security Sleuths Offer Facebook Security Tips

Although it’s the world’s most popular social network site, with more than 800 million users, Facebook user information is attractive to “black hats”—hackers on the dark side, according to Cyber Security students at Rose State College. Users should take steps to take care. “A lot of people really like Facebook, but you have to be careful using it,” said Rose State College Cyber Security Club president Henry Williams. “You might have vulnerabilities.” Rose State College is currently the only community college in the United States that trains students in all six levels of federal Committee on National Security Systems (CNSS) certification. Students who graduate from the program often go on to work for the government organizations, such as the CIA, the Department of Defense, the FBI or the NSA, as well as private firms. Williams said the students in the program have learned to be careful with online activity. Recently, a study of more than 2,000 users of Facebook, released by CCPGroup, an international marketing services business, found that more than a third of Facebook users had sensitive information on their pages that could be used to hack their bank accounts or other financial services. Often, information entered on Facebook by its users is involved in some of its most popular features. An example would be its popular birthday notification. That’s a problem, says Williams. “Your date of birth—even a partial date, such as the day and month—is used as an identifier at your bank and in other important records,” Williams said. “While we all want to wish our friends a happy birthday, and enjoy being wished a happy birthday, it won’t be all that happy if someone uses the information to steal your identity.” Other security measures one needs to keep in mind when using Facebook, according to the Rose State cyber sleuths, include:

  • Review privacy settings every month as Facebook may make changes without notification. The site has changed the default settings several times.
  • Use a strong password and do not give it out. A good password is easily remembered but does not use personal information, like birthdays or pet’s names. (Remember, this information is often posted by users anyway and thus is not secure.)
  • Log into Facebook only by typing the address in yourself. Do not click a link to go to FB. Often, scams called “phishing” use emails that contain links to false websites that might look like a legitimate website (such as Facebook), but are actually scams to steal your password.
  • Carefully read sharing permissions when asked by a FB app or game. This is getting to be a new way to “phish” for information that can be used by hackers for fraud.
  • Do not post private info such as your phone number or address in a post that might be seen by the public. For instance, a recently corrected flaw in Facebook allowed the private information of users to be accessed by advertisers and other “third parties” offering apps on the site. Facebook announced the problem has been fixed.
  • Turn off location sharing and do not "check in” anywhere near your house and do not check in at your house. When you advertise to anyone viewing your page that you are not home—that’s when thieves know they can break in. If they know when you come home, they know how long it will be before they can expect you.
  • Do not allow posting of your friends’ info. Friends’ information can be gleaned from your page and used to scam them. Don’t help the black hats.
  • Only accept friend requests from people you know personally or from ones that know friends that you trust. Is that person “friending” you someone you know, or a scammer?
  • Think before you click. Some of the advertising and apps can increase the likelihood of spam and tracking programs embedded in them.
  • Never log in at a public place even if you are on your own machine. On a public network, it is easy to “intercept” this information with electronic “sniffers”. These devices can read your passwords as you type it in.

On the positive side, Facebook recently announced it is stepping up site security by pairing with web security specialists Websense to protect users who click on links. When a Facebook user clicks on an ad or app, Websense uses a program to alert the user if the link is malicious. Even so, Williams expects there will be a lot of work for Rose State College cyber graduates in the years to come. “Most of our people go to work for the three-letter agencies (FBI, NSA, etc.),” Williams said. “They need a lot of people with our skill sets.” Rose State College is a community college in Midwest City, Oklahoma, offering AA, AS, AAS and certification in a variety of professions, including cyber security, nursing, business administration and in other occupations. For more information, call 405-733- 7311, or visit them online at

About the author: Lee J

Security Analyst, Developer, OSINT,

Comments are closed.