Facebook, the world’s most popular and crowded social networking site, has also become one of the favorite sites of hackers, phishers, scammers and spammers for stealing privacy, identity and money. Just recently, millions of users from the Philippines have experienced various kinds of spamming, phishing, spreading of malicious photos and links, and other security threats. There was even a popular hoax claiming that Mark Zuckerberg and the Facebook management would ban Facebook in the Philippines because of the recent spread of malicious and pornographic photos traced to Filipino users. This news, although only a trick created by link baiters, caused a major panic among Facebook users in the country. I just want to tell everyone that Facebook would not dare to ban 27 million Filipino users: that’s a lot of business and advertising money, and it would also be unfair to other users who use the social network ethically! But though you don’t need to worry about Mr. Zuckerberg banning all Filipinos, you should worry about defending your profile from hackers who can steal your precious Facebook account from you. To save your account and prevent it from being stolen and terrorized, here are 22 tips to protect and secure your Facebook account from hackers, phishers, scammers and spammers.
1. Have a strong password. Don’t use or include your name, birthday, anniversary, phone number, or any other information that anyone can easily find out in your password. Use a combination of small and capital letters, numbers and special characters in your password. Just keep it in your mind and not anywhere else. Never share it with other people. Don’t make your computer remember your password, because if your computer is hacked using spyware and other hacking tools and software, the online account that password protects will also be stolen.
2. Be careful with any suspicious emails you receive, even if they come from your friends. Hackers can hack your friends’ email accounts and use them to hack yours. Don’t click on links or open attachments in emails you think are suspicious or malicious. Delete such emails from your inbox immediately if you think they contain malicious messages.
3. Don’t trust any emails, chat messages, calls or text messages that contain an urgent request to update your private information or provide new information.
4. Always update your Internet browser to its latest version so that you’ll be equipped with the latest web security measures and the latest anti-phishing blacklist.
5. Make sure to always update your anti-virus or security software on your computer, which includes anti-virus, anti-spyware, anti-phishing, and a firewall.
6. Make sure to always update your anti-virus or security software on your mobile devices, such as your smart phone and iPad.
7. Never give your Facebook password to anyone. Most reputable online services will never ask for your password through any form of communication.
8. Don’t use the same password for your various online accounts. If you do that, and one of your accounts is hacked, your other accounts will be in trouble.
9. Always double check the authenticity of the Facebook page you are seeing on the screen. Hackers, phishers and spammers can create a dummy page that looks almost like the real Facebook page to lure you into entering your username and password into their system. Learn to differentiate a good URL from a bad one. If you ever have doubts about the legitimacy of a link, simply type the website’s URL (for example, http://www.facebook.com) into the address bar.
10. Don’t confirm a friend request or read a message from someone if you don’t know or trust that person. First check the person’s photos, your mutual friends, profile information, wall posts, and even grammar to see whether they match the person you know. Don’t accept a friend who doesn’t show correct information.
11. Protect and secure not only your Facebook account, but also your emails and other online accounts that are linked to your Facebook account.
12. Think first before you share. Be careful with what you share in your Facebook status. Avoid sharing information that may become hints about your private data.
13. Block applications that you think are not secure and are sending you spam. Check #21 for generating an application password.
14. Never click on malicious photos, videos and links that people share and spread on Facebook. Phishers use baits such as pornographic, funny, controversial and other attractive materials to fool Facebook users into giving up their account information. Never follow instructions such as pressing Alt+F4 to see “who viewed your profile”. Currently, there is no option to see who viewed your profile.
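Tip 9 asks you to tell a good URL from a bad one. The following JavaScript is an added example, not part of the original article or of any Facebook tool: it checks which host a link really points to and, in line with tip 15, insists on https. The function name checkFacebookLink and the sample links are constructed for illustration.

```javascript
// Added example: decide whether a link really leads to facebook.com.
// ALLOWED_DOMAIN and SAMPLE_LINKS are assumptions made for this illustration.
const ALLOWED_DOMAIN = "facebook.com";

function checkFacebookLink(link) {
  let url;
  try {
    url = new URL(link); // standard URL parser, the same one browsers use
  } catch (e) {
    return { trusted: false, host: null, problems: ["not a valid absolute URL"] };
  }
  const problems = [];
  // The host is the part that matters; drop an optional trailing dot.
  const host = url.hostname.toLowerCase().replace(/\.$/, "");

  if (url.protocol !== "https:") problems.push("not https");
  // "https://www.facebook.com@other.example/" really goes to other.example.
  if (url.username || url.password) problems.push("text before @ hides the real host");
  if (/^\d{1,3}(\.\d{1,3}){3}$/.test(host) || host.startsWith("[")) {
    problems.push("raw IP address");
  }
  // Non-ASCII look-alike letters are encoded by the parser as xn-- labels.
  if (host.split(".").some((label) => label.startsWith("xn--"))) {
    problems.push("punycode label (possible look-alike letters)");
  }
  // Only facebook.com itself or a name ending in ".facebook.com" passes;
  // "facebook.com.something.example" does not.
  const onDomain = host === ALLOWED_DOMAIN || host.endsWith("." + ALLOWED_DOMAIN);
  if (!onDomain) problems.push("host is not facebook.com or a subdomain of it");

  return { trusted: problems.length === 0, host, problems };
}

// Constructed sample links (not taken from any real incident).
const SAMPLE_LINKS = [
  "https://www.facebook.com/login.php",
  "http://www.facebook.com/login.php",
  "https://www.facebook.com.account-check.example/login.php",
  "https://www.facebook.com@account-check.example/login.php",
  "https://192.0.2.10/facebook/login.php",
];

for (const link of SAMPLE_LINKS) {
  const r = checkFacebookLink(link);
  console.log(r.trusted ? "OK     " : "REJECT ", link, r.problems.join("; "));
}
```

Only the first sample passes; the others are rejected for the reason printed next to each link.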
Facebook opt-in Security Features
[Screenshot: Facebook https secure browsing, with the green padlock in the browser’s URL field.]
15. Enable secure browsing in your Facebook account by clicking on the “Account” menu located in the top right corner and going to account settings > security settings > secure browsing edit. This will make your browser use a secure connection (https) when possible. Secure Browsing (https) is an opt-in security feature. When you turn this feature on, your traffic (i.e. all of your activity) on Facebook becomes encrypted, making it harder for anyone else to access your Facebook information without your permission. This feature is not currently available for mobile browsing.
[Screenshots: how to go to Facebook account settings, and what you will see in the Facebook security settings page.]
16. Add another email to your Facebook account aside from your primary email address by going to account settings > general settings > email edit > add another email. This will give you the ability to access your Facebook account if your primary email stops working.
17. Add or register your mobile phone by going to account settings > mobile settings > activate text messaging on new or registered phone. Facebook will ask for your mobile phone number and will send you a confirmation code to confirm that you own the number and to successfully register it. This will help if Facebook ever needs to send you a text message to confirm your identity when your account is lost and you need to recover or restore it.
18. Enable your login notifications by going to account settings > security settings > login notifications edit. Login Notifications are an opt-in security feature where alerts are sent to you each time your account is accessed from a new device. You can also choose to receive text message alerts if you’ve already added a mobile number to your account. This is useful for detecting unknown persons who try to log in to your account from another computer or mobile device. Once you receive a Login Notification from an unfamiliar device or location, you can follow the instructions in the notification to reset your password and secure your account. Remember not to select the option to save your device if you’re using a public computer.
19. Check your active sessions to see if any suspicious user has accessed your Facebook account recently. Go to account settings > security settings > active sessions edit. The Active Sessions section of your Security Settings page shows you a list of the recent times you’ve accessed your Facebook account. Each entry includes the date and time you signed into Facebook, your approximate location when signing in, and the type of device you were using to access your account. You will also see the option to end any active session on the right side of each entry. If you think someone else is logged in to your account, end the suspicious session by clicking end activity at the right of the session information. After you end the session, secure your Facebook account by changing your password. We also recommend changing your email password, as anyone with access to your email can gain access to your Facebook account.
20. Use a One-Time Password when accessing your Facebook account on shared computers (e.g., in an Internet café or library). A one-time password is an opt-in security feature that can help protect your account when you log into Facebook from a public computer. To receive a one-time password, send a text message to 32665 with the message “otp”. Facebook will reply with a unique, 8-character temporary password. Your one-time password will be valid for 20 minutes and can’t be reused. Remember that you can only use this security feature if you have registered a mobile phone on Facebook.
21. Generate App passwords by going to account settings > security settings > App Passwords Edit > Generate App Passwords. You can use an app password instead of your Facebook account password to securely log in to applications, such as Jabber, Skype and Xbox. App passwords are one-time passwords you can use to log in to your apps. Using app passwords will help keep your Facebook password safe.
22. Always keep yourself updated on new security updates from Facebook. Facebook has announced other opt-in security measures, such as setting up “trusted friends” and Login Approval, which are not yet available in Facebook account settings as of this writing.
Disclaimer: Although the tips above can strongly improve your Facebook security, we don’t guarantee that your account will be 100% hacker-proof. Remember that even the FBI and CIA websites can still be vulnerable to hackers. Thus, even if you have followed all the tips and guidelines above, it’s still important to keep watch over your account all the time.
Resource: Facebook Opt-in Security Features Page