Millions of People at risk of ID Theft Via Social Sites.

Here is some food for thought, What happens when you forget your password? or when you call a company and need to establish your Identity over the phone? well you probably have to answer a few “Security” questions, or “Challenge” questions, the questions are supposed to identify one person – Us, but it also includes, con-artists and criminals.

Whats your Pets name?
Where were you born?
Where did you go on Your Honeymoon?

All of the questions listed above are just some of the question that you may be asked in order to identify who you really are. Usually this means that only you know the answer to the questions. Unfortunately, we don’t really have a clue as to how vulnerable we really are, specially thanks to social media sites like Facebook. A survey taken last month showed: (Credit goes out to Harris Interactive for the following information.)

According to Harris Interactive, 18 percent of men will accept a woman’s friend request, even if they do not know the person. About 7 percent of women will accept an unknown man’s friend request. A total of 5 percent of U.S. adults will accept every friend request they receive. The key to stealing a person’s identity is built with just a handful of pieces. And much of that information is openly available on social networks.

Only 50 percent trust that their connections will keep their information private. Yet more than 24 million Americans leave their personal information “mostly public” on social networks. The results are based on a survey last month of 1,011 Americans 18 and over, including 387 who are on social networks.

Leaving personal information public and allowing practically anyone to view your profile is a dangerous prospect, Harris Interactive observed. The company said that the basic information found in a social profile can help “build the dossiers [that criminals] need to beat challenge questions and other security measures on financial accounts.” It’s a sentiment with which ID Analytics agrees.

“Americans’ lack of caution in friending members of the opposite sex online is striking,” Thomas Oscherwitz, chief privacy officer at ID Analytics, said in a statement. “Friending someone online is not risk free Most social networking profiles contain personal information that can be used by fraudsters, and when you friend someone, you are giving them access to this information.”

So let me dissect what all of this means to you, when someone invites you to be-friend them, it gives them access to all of your information, the person then goes into your Social Media Account aka Profile, they start to read over past conversations, over the history of your page, they look at pictures, they look at your contact information etc. And using the information they gathered they hack into your e-mail accounts, bank accounts, etc. The list goes on and on.

So let me give you a scenario, when you go into Facebook, you have the option of selecting “forgot password” if you do that, facebook will state, “Please enter your e-mail to send you a reset link”

The e-mail link is obtained via your “information” tab, they (ID Thieves) type that in, then they go to your e-mail account and again click “forgot password” this time, they are asked to please provide 3 “security questions” that usually range from “what is your pets name?” “what is your mom’s maiden name?” “Where did you have your honey moon?” like the examples I’ve already given above.

Well all of those answers can be found in a Trustworthy person’s Facebook account, you add a thief as a friend and before you know it, they find that one picture of you holding your pet, “Shnoodlefry”: with your friends, a picture later, they find that you went to Hawaii for your honey moon under your “honey moon in hawaii” Album, lastly Facebook has incorporated the “Family Tree” Tab. Most people now list their Mother, Father, Cousin, etc. on their Facebook, and if you are a Married Woman, then you even have the option of “Maiden Name” which looks like — Jane Doe (Jane Smith). The sad thing about it, is that most Americans believe this information is innocent, it may be innocent to us, but to a skilled con-artist, this is the holly grail.

Once they have access to your e-mail account, they can change everything, including security answers, passwords, etc. And completely take over your e-mail accounts, which probably holds information to passwords or they can request “password reset links” to facebook, banks, online stores, e-bay, paypal etc. Banks are a bit more secure but regardless, the same can be done over the phone, a bank teller wont be able to tell the difference between Jane Smith and Bob Doe over the phone. They ask you the security questions, and once answered they give them full access to their information. Which in turn, now have access to everything you have tried to protect for your entire life, and all of it can be done over your social network Page..

So what can you do? well for starters, don’t be so open about who you are in any social website, also give out fake security questions, something that doesn’t make sense for example, “what is your Mothers Maiden name? – Bob Cat- or something along those lines you get the gist of it. But most importantly, try to avoid people that you don’t know, and block “Private” information from everyone but your self, after all, no one needs to know Your FULL date of birth, your Phone number, your E-mail Address. or other Private Information, “But Tek Bull what If I want my friends to be able to see that?” well in that case your friends don’t know you very well do they?

Let that soak in for a bit, and stay safe.

You can read more at CNET