JOSHUA ROME ALURA EBOL

ACT-2F

CASE STUDIES ON SOCIAL MEDIA, PRIVACY AND SCAMS

Every now and then a news story comes up that reminds you just how exposed we all
are via social networks. Or maybe not 'exposed', but 'accessible'. Everything we say or
do on social is traceable, able to be attributed back to us and there's a wide range of
ways in which people can use this information for ill purposes, if they were so inclined.
Along these lines, there were three news stories this week that acted as something of a
refresher on the ever-shrinking data proximity of our connected world. Each case, in a
different way, serves as a reminder of the need to be vigilant in what we say, what we
do and how we respond via social platforms - and the importance of remaining aware
of how our data can be accessed.

CASE STUDY #1: Arizona Facebook Scammers

In the first case, an Arizona woman was jailed for six years for masterminding a tax
rebate scheme in which she and her compatriots used Facebook data to find and
target people for identity theft.

It works like this:

 Scammers search through Facebook for data on likely targets - in this case, they
targeted unemployed people in their local region
 Scammers then contact the targets using information they've gleaned from
those Facebook accounts, saying they're from a government agency or similar
that's seeking to help them out (in this case, they claimed to be working on an
economic stimulus program)
 The scammers then push for more personal information from the targets, details
they can then use to make a tax claim on their behalf, netting all profits in the
process

In the Arizona scamming case, the perpetrators were able to obtain 'sensitive
information' from several dozen people which they then used to make false tax claims.
They targeted unemployed people to reduce the risk of detection - in many cases the
victim isn't aware they've had their information stolen till they go to submit their own tax
returns.

This type of identity theft is on the rise. By using personal information available via
Facebook profiles, clever scammers are able to present very authentic dialogues that
would suggest they are, in fact, officials who have access to your personal records and
can be trusted with your data. They'll often use qualifying questions the way official
outlets would - something like "can I just ask you a few questions to confirm your
identity?" Then they have a qualified listing of questions and answers that they've been
able to establish from your social profiles. With a specific collection of the data points
they'll need, and with an offer being presented, like an economic stimulus program,
you can see how unemployed people who might need a few extra bucks could be
duped into giving over their data (then again, who doesn't need an extra few bucks?)

Key lesson: The strict rule of thumb highlighted by this case is that you should not be
giving out any detailed personal information to anyone without a thorough
understanding of who they are and where they're from. Always approach any such
request with a high degree of skepticism - like Nigerian e-mail scams, if it sounds too
good to be true, it most probably is.

CASE STUDY #2: F1 Driver Robbed

A big news story circulating earlier this week was that Formula One driver Jenson Button
had had his house robbed in St Tropez. Button and his wife, Jessica Michibata, were
staying in a rented holiday villa, which thieves broke into and cleaned out, taking,
amongst other things, Michibata's $388k wedding ring.

While speculation around the case suggested that Button and Michibata were in the
villa when it was robbed (some reports suggested the thieves had flooded the room
with sleeping gas, though that suggestion has since been debunked) Amanda
Connolly at The Next Web provided a different perspective on the theft - maybe the
robbers knew exactly where Button and Michibata were and used that as a signal for
when they should strike.

How could they have possibly known their location? Michibata is broadcasting it via her
Instagram account, with all her images tagged to locations via the photomap feature.

As Connolly points out:

"A lot of people aren't aware that even if you're not opting for the 'Name this Location'
option when you upload to Instagram, it's still possible that the app has added your
snaps to the stalkers dream that is the photomap."

While it's unlikely that, in this case, this is how the thieves determined the best time to
target the couple, it again highlights an important privacy concern all social media
users should be aware of - anything you post publicly that includes a note of your
location is also, inadvertently, showing those who may want to target you and your
belongings where you are at any given time. The same goes for images posted inside
your home - if you post a picture of your latest DIY project and there's a glimpse of your
expensive home studio in the background, you might just be making yourself a target.

While you don't want to be too paranoid about such risks - ideally, we'd all have the
freedom to post what we want to our social accounts - it's worth taking the time to
consider what information you're presenting in a public forum.

Key lesson: Ensure all your social media privacy settings are set to your personal
requirements and specifications - especially location tracking - to ensure you're only
sharing potentially sensitive information with people you know and trust. Also avoid
posting content that might signify that you're out of the house for an extended period
of time.

CASE STUDY #3: 30 Years Imprisonment for Facebook Post

The last issue of note was the sentencing of a man in Thailand to 30 years jail for insulting
the Thai monarchy via Facebook. The 48 year-old man was sentenced in Bangkok's
military court under a rule known as lèse-majesté (injured majesty), under which anyone
convicted of insulting the king, queen, heir or regent faces up to 15 years in prison on
each count. The man admitted to defaming the monarchy in six separate Facebook
posts - the original sentence of 60 years was reduced to 30 on admission of guilt.

While few nations have such strict punishments for content posted to social media sites,
the lesson remains - always take a moment to consider everything that you're posting to
your social media accounts. Whether it's a joke meme about being drunk or a naked
selfie uploaded to Snapchat, all such actions are recorded and tracked, and can be
attributed back to you, which may go against you in certain cases. Social media data
is being used in an increasing number of applications - just this week, Facebook
obtained a patent which can help lenders discriminate against certain
borrowers based on the borrower's social network connections. While it may seem like
over-stepping of the privacy mark, given the availability of such info it only makes sense
that businesses would utilize it to improve their processes.

This is particularly relevant in the case of those looking for work - while employers need
to apply some level of commonsense in assessing candidates based on their social
media activity, recruiters are, most definitely, judging candidates on that content. If
you're posting about how you 'hate your job', about how you're getting wasted every
night, about engaging in criminal activity, that content will be used in any assessment
of you, and while you might think not all employers are doing this, research shows that
the growing majority are.

Key lesson: Always be aware of what you're posting on social media. If you're posting
offensive, incriminating or in otherwise poor taste content, that material could be used
against you in later assessments. This is going to become an increasingly prominent
factor in employment decisions and recruitment strategies - in one sense, this is a good
thing as it means people will be matched to jobs based on more data points than just
gut feel and on-paper assessment. But it also means that you need to think before you
post - which is a great rule of thumb to adhere to either way.

As our world becomes more connected and is brought closer together through social
media and online communication, so too are we more exposed to mis-uses of our data
and judgements based on the content we publish. In the majority, this shouldn't be a
major concern - the benefits of a social media connectivity far outweigh the negative
implications on most fronts - but it is something we all need to be aware of. Stories like
these remind us of the need to be vigilant and responsive to potential issues as we go
about our daily digital interactions.