Thieves and scammers count on people not locking in their privacy settings on social media sites.  Failing to do so people are, often unknowingly, making such personal information as their names, email addresses and names of family and friends publicly available.

People might think that there’s really no harm that can happen.  The reality is just the opposite.  The Better Business Bureau (BBB) just posted a very helpful article about the latest scam that uses this personal information when it is unprotected on social media sites such as Facebook, Google + or LinkedIn (“New Wave of Phishing Scams Uses Facebook Information for Personalized Spam”; scam; January 25).

As BBB describes the scam, the scammers are using the names of friends and family members to create fake emails.  The emails look as if they’re from someone you know but the content will look odd.  The only message might be a link to a website.  But clicking on that website might mean that you’ve downloaded malware to your computer.

How can you tell if it’s a scam? As the BBB article states, the “from” space in the scam email may have the name of a friend or family member, but it won’t have that person’s correct email address.

The BBB article contains security tips which encourage people to:

  • Review the security settings on the social media sites you use. The BBB article has a link to the Facebook website page with information about privacy settings.
  • Learn about the kind of personal information that can be found publicly on search engines.  The BBB article has a link to that information.
  • Report scams to Facebook.  The BBB article has a link to the Facebook website page with instructions for doing so.
  • Consider setting Facebook login notifications so you get an alert every time your Facebook account is accessed from a new device.
  • Text “otp” to 32665 if you access Facebook from a public wi-fi (e.g., coffee shop, airport) so that you can get a one time password for your account.

What are the BBB’s “do nots?”

  • Do not accept “friend requests” from people you don’t know.
  • Do not click on strange looking links.

As BBB advises, if you do click on a strange link in the email, run a virus scan on your computer.

Take the time to check the email headers and your security/privacy settings so you’re only sharing personal information with the people you want.