ID Theft and Social Media: Why using social media can make you vulnerable to ID theft…and what you can do about it.

ID Theft and Social Media

What is Identity Theft?

Back in the day, ID theft usually involved stealing someone’s wallet. From there, a thief could pretend to be you, racking up your credit cards, forging checks or committing other scams using your good name. Think of Leonardo DiCaprio in Catch Me If You Can.

While that can and does still happen these days, all of that is so 1990s compared to the high tech means identity thieves now use.

Enter the Internet and social media. With social media, today’s ID thieves are like hipsters in a thrift shop. Their excitement is palpable. The choices are endless. So much cool stuff all under one roof. Where does a thief begin? Perhaps on a social media behemoth such as Facebook. Why pick pockets on the street when you have a billion Facebook users to hack with just a few insidious clicks? It’s basic economies of scale.

Think about it: if you’re like most young adults, your entire life is on your computer or iPad—date of birth, Social Security number, banking info, credit card statements, etc. It’s all there somewhere. All a thief needs is a window to crawl through. And an often open window is your seemingly innocuous Facebook account.

Why am I Vulnerable on Facebook?

Identity theft is the fastest growing crime in the U.S. Last year, over 12 million Americans were victims of identity theft, about one victim every 3 seconds. With over a billion users, Facebook provides a lot of opportunity, especially when so many users are exposed.

One recent survey found that 30% of Facebook users didn’t have their profiles set to private. Another 14% didn’t know what their privacy settings were.

Now put yourself at a thief’s computer. You want the easiest score, the lowest hanging fruit. With Facebook, the fruit is practically dragging the ground.

Let’s face it, while you’re on Facebook, your guard is down. You’re among friends. You’re sharing photos, “liking” posts, playing games. It’s all about sharing. It’s all happening fast and in such a cozy environment. And that’s just the way they like it.

How is my Identity Stolen?

Irony is a thief’s best friend. That’s because with ID theft, things happen in a way that seems to be opposite of what you expected. About 70% of ID theft victims on social media were asked to visit a scam website through a private message. Pretty sneaky. Here are a few examples of actual scams. The first is the “album pictures” scam. It goes something like this.

You receive an email from “Facebook” saying that a friend has posted their picture in an online album. As you’re waiting for the zip file to open (the one you just clicked on), little bits of code are burrowing into your hard drive. And before you can click “like” on that cat video, the malware has done its thing, disabling your computer or worse, gaining access to your personal info.

In another scam, you get an email saying “Hi (personalized with your name), here are some pages you may like,” along with pictures of the pages within the body of the email. The link takes you to the pictures where, once clicked, will take you to sites that deliver malware.

Some of the malware can include keystroke logging software that allows its initiator to track login info for anything—your bank, credit card, and other important financial information.

The worst part is, you might not even know you were infected. And you definitely want to know before they have a chance to do real damage. Want to see what an identity thief might see? Check out this Facebook ID theft simulation at This simulation scans your account and pulls up some surprisingly scary stuff. It is very real but is in no way compromising your actual information.

How to Protect Yourself on Facebook?

The old saying “If it sounds too good to be true, it probably is,” is still a good one to live by. But with the speed of life today, all it takes is one click to send you down a path of “OMG, what did I just do!”

Here are some tips to help you stay protected:

  • Review and then maximize your Facebook privacy settings—there are plenty of great online resources to help you if needed
  • Limit the personal information you share. Don’t include your DOB, email, phone, pet’s names, places you’ve lived, etc.
  • Change your password regularly and use your Facebook password just for that account
  • Be judicious (read: cautious) about the kinds of “deals”, “offers” and emails you respond to and even the games you play on Facebook
  • Don’t hit the “like” button so much. You’ll cut down on spam and potential scammers
  • Be smart about the “friends” you add
  • If you’re using a public computer, make sure that it doesn’t store your login info and make sure to sign off when you’re done
  • Consider purchasing Identity Theft Protection to help monitor your finances in case of an attack

Finally, don’t be paranoid about using Facebook and other social media. Just be a little smarter and more aware of your surroundings.

Written by Chris Hawkins. Chris Hawkins is the Content and Business Development Manager for Sprout Content, a content marketing agency. At Sprout, Chris develops and maintains business relationships, manages partner projects, and writes the occasional blog article. He has written extensively on a variety of topics for both commercial websites and consumer publications.