Resource

Guide to online privacy

How to keep your personal information safe online
Last updated: 11/7/2013

 CONTENTS: 
1. Social Media Privacy
2. Secure Passwords
3. Stop Cookies
4. How to avoid viruses
5. Keeping your Social Security Number secure
6. Secure Websites

7. Scam Email
 

1. Social Media Privacy
Change your privacy settings on all your social media accounts so your information isn’t “public” or searchable by a third party. The information you share on social media, such as Facebook and LinkedIn, can affect your job, your credit and the prices you might see as an online consumer. In order to protect your personal information, change your privacy settings so your information isn’t “public” or searchable by a third party. Here’s how:

Privacy on Facebook

  • Enter your "Privacy Settings".
  • Limit the options under "Who can see my stuff" to, at a maximum, your "Friends." This means that only people you have approved as a friend will be able to see your posts, photos. To ensure that your previous postings aren't public, select the option "Limit past posts" to apply your privacy settings retroactively.
  • Be cautious of allowing yourself to be tagged in photos or adding a "location" to your postings. This information could be used by advertisers and other businesses.
  • Take the time to read Facebook's privacy policy to see exactly how your information can be viewed  by outside parties and under what terms.

Privacy on LinkedIn:

  • Select the option "Privacy & Settings" under your profile image in the top-right corner of the screen.
  • Then select "Account" and "Manage Advertising Preferences" and de-select the options that allow LinkedIn to show you ads on third-party websites and ads based on third-party data.
  • Then select "Groups, Companies & Applications". Click on the link for "Turn on/off data sharing with 3rd party applications" and opt out. Do the same under "Manage settings for LinkedIn plugins on third-party sites" by un-checking the box in the pop-up window.
  • Under "Profile" click "edit your public profile" and make it invisible to anyone you have not connected with yet.  
  • Take the time to read LinkedIn's privacy policy to see exactly how your information can be viewed  by outside parties and under what terms.

Privacy on Google+

  • Enter "Settings" through the drop-down menu in the top left corner of your homepage.
  • Select "Profile and privacy" and then, under "Public profile information", select "Edit visibility on your profile"
  • Under each of the sections, "People," "Story," "Work," etc., choose the option to share with "Your Circles". Do not leave anything shared with "Public" or "Extended Circles" because then this information can be viewed by people you have not approved to see your information.

Privacy on Pinterest
When setting up an account:

  • First, if you are creating an account with Pinterest, "uncheck" the box next to the option "Let Pinterest personalize your experience based on other sites you visit."

When you have an account:

  • Click on your name in the top right corner of your page and select "Settings" from the drop-down menu
  • Under "Search Privacy", select the option "Yes", so that the button turns red.
  • Under "Personalization", select the option "No" so that the button turns gray.
  • Under "Social Networks", select all the options of "No" so that all the buttons turn gray.

2. Secure passwords
Use a secure password for every online account that requires one. Secure passwords are at least 8 characters long, combine upper and lower case letters and contain both numbers and punctuation. Use a different password for every online account you have—especially for your bank, credit card and other websites containing sensitive information. Change your passwords at least a few times per year.

When creating a password, make sure that you do not include any obvious public information in a password such as your address, your phone number or information available on social media. Avoid common words and sequential numbers. According to a company that provides password services, SplashData, some of the least secure, passwords are: "password", "123456", "12345678", "abc123", and "qwerty".

3. Stop cookies
Disable cookies through your web-browser and clear them immediately after using a website that requires cookies to be active in order to use it, such as Facebook.
"Cookies" are tools that websites use to track your online browsing habits and collect information about you, including your search terms, buying preferences and favorite websites. Some websites use this information to charge you higher prices. Here are instructions for disabling cookies in Chrome, Firefox, and Explorer.

  • In Chrome: Select "Settings" from the drop-down menu in the top right of the browser. Then select "Show Advance Settings", at the bottom of the page. Next, under "Privacy" select "Content settings". Under "Cookies", the best way to protect your privacy is to select "Block sites from setting any data" and also select "Block third-party cookies and site data". Finally, select "All cookies and site data" and then click "Remove all" to erase the cookies you have built up already.
  • In Firefox, under the menu in the top left corner of the browser, select "Options" and then "Options" again. Under "Privacy", select "Tell sites that I do not want to be tracked". Next, select the blue text that says "remove individual cookies" and click "Remove All Cookies".
  • In Explorer: Select the cog-wheel symbol and "Internet Options". Then, under "Privacy" move the setting to the highest notch which will say "Block All Cookies.

Note: some websites such as Facebook will not allow you to access them without cookies enabled. However, it is still better to operate the internet with cookies disabled and then only allow them if you want to access websites like Facebook. After you are done using websites like Facebook, clear your cookies as indicated above.

4. How to avoid Viruses
Install and regularly update antivirus protection software on every computer you own.
Either Microsoft or AVG's free security software is a good bet. Avoid downloading anti-virus software that appears unprompted through pop-up windows.

You can get free anti-virus software that includes tools to prevent tracking cookies. Although no anti-virus software is foolproof, not having anti-virus protection is one of the easiest ways to lose control of your personal information.

5. Keeping your Social Security Number secure
Never email your Social Security Number to anyone, even people you know.
Your emails can be intercepted or accidentally sent to the wrong address. Only share your Social Security number with someone you trust over the phone or submit it through a secure website. 

6. Secure websites
Only enter sensitive personal information into the official, secure websites for the bank, credit card or other companies with which you have business. The way to know if the website is secure is by making sure there is an "https" at the beginning of the URL—the "S" stands for secure. Also don't forget the obvious: that the website URL is clearly and unequivocally that of the institution.

7. Scam email
Do not respond to emails that ask for your financial or personal information in a message.
 

"Phishing" emails are scam messages that ask you for personal and/or financial information. Phishing emails often look legitimate, but really are scam messages that ask you for personal and/or financial information. The Federal Trade Commission gives this advice for avoiding phishing scams:

  • Assume that an email is a scam if it asks for private financial information such as your Social Security Number, your bank account PIN, or your passwords
  • Look for signs that mail with personal information has gotten into the wrong hands and is being used to send you a phishing email. Know when your financial statements are due to arrive and contact the business in question if any statement is late to verify your address and account information.

When you get a phishing email do the following:
If you think you have received a phishing scam email, you can forward that email to spam@uce.gov – and to any organization falsely represented in the email. The Federal Trade Commission also advises to report phishing email to reportphishing@antiphishing.org. By reporting phishing email at antiphishing.org you are helping government agencies and private companies fight phishing. 

Priority Action

We should know whether our food is genetically engineered. Please pledge to vote yes on Measure 92 this November.

Support Us

Your donation supports OSPIRG’s work to stand up for consumers on the issues that matter, especially when powerful interests are blocking progress.

Consumer Alerts

Join our network and stay up to date on our campaigns, get important consumer updates, and take action on critical issues.