Why You Should Not Add Your Birthdate on Social Media or Anywhere Else!
There are details about you that you should never post on social media or anywhere else online for that matter. Social media sites like Instagram, Facebook, Snapchat, and Twitter prod users for additional information under the guise of making your account more secure. The information, like what city you were born in, may be used to recover your social media account should you forget the login credentials. Facebook requires that users be of a minimum age to use their platform, supposedly and wants to know your age to block certain types of content.
But there are dangers to providing this type of personal information, especially on social media sites that have no bearing in the grand scheme of your life. Much of the information that is asked for from social media, is used as common password reset questions on everywhere from your credit cards to stock trading accounts.
Social media is a common entryway into social engineering hacks. Hackers gather bits of information about a victim or a group of victims – say all employees form a certain company – and build a database of information about them. The goal may be to hack the group or an individual. Commonly a social engineering attack is used to gain enough personal information about a certain high-level person in a company to gain access to money or corporate secrets.
Your date of birth is something to never post on social media, ever. Some sites require that it be provided. Lie about it! I have a standard fake birthdate that I use on all non-essential websites. That means unless it is something that needs to know my real birthdate, like my passport renewal, for instance, then I enter a fake birthdate. The local market does not need to know my birthdate to send my an annual $5 off coupon. I’ll forgo the discount and keep my information private. Or at least try to. Entering your real birthdate and changing privacy settings to be visible only to you is not good enough. Hackers may get at that data.
Birthdates are a critical piece of information hackers need to open fraudulent bank accounts, hack into your current financial information, and commit other identity theft. A birthdate that coordinates to a real person is gold as far as data theft goes.
The City You were Born in
Again, the city you were born is a common password rest question. It is also something Facebook users like to proudly display on their profiles, so they can connect with others from there area or in places they used to live.
Everyone from bank accounts to lenders use your hometown to identify individuals. If you apply for a credit card and the bank uses one of the three major credit bureaus to ask you a few personal questions, you’ll see places you lived before as some of the questions. While you cannot keep it off your credit report, don’t supply it to social media sites where everyone can see it. Hackers can use this to open up accounts in your name.
If you publicly display your birth year and city you were born in, hackers can use the information to hack at your social security number. In case you didn’t know it, the first digits of your social security number are tied to where you were born. Your social security number can then be used for total identity theft.
When You Are on Vacation
We all love to share our vacation photos online. Just don’t do it while you are away from home. If you post your hometown in your profile and share vacation photos on social media, burglars can use that to know when it’s a good time to break into your home. Not only does sharing your home address provide identity thieves with an important puzzle piece, but it allows burglars to locate your home.
Wait until you are home to post the photos.
What’s your favorite pet’s name? Does that question sound familiar? It should. It is another common password reset question. I’m not telling to avoid posting cute puppy photos on Instagram. Work this one form the other angle. When asked for your favorite pet’s name as a password reset question, use a pet from your childhood or some other animal’s name – like your favorite horse for example. Don’t make it easy for hackers to gather information about you.
Photo of Your Driver’s License
This one seems like a total no-brainer, yet I see it all the time. Do not post your learner’s permit, driver’s license, or passport online. That is a treasure trove of information. If a hacker can match a name to photo that is a goldmine of data. Add an address and date of birth and you are ripe for identity theft. If your kid decides to post their learner’s permit, it is giving a hacker an idea that they just turned 16 plus their home state (based on the issuing government in the photo.) That is a still good amount of information to launch a social engineering attack.
Other things not to post on social media. Don’t check into your local bank while you are waiting. You obviously will be giving up the name of your bank. OF course, don’t post a photo of that shiny new credit card you just opened.
Other common password rest question includes where you were married, your father middle name, your mother’s maiden name. A lot of this is available from public records, but that can take a lot more digging to find out. The goal is to make a hacker’s job difficult. Don’t post things on social media that are sensitive or lead to sensitive data!
Michelle writes about cyber security, data privacy focusing on social media privacy as well as how to protect your IoT devices. She has worked in internet technology for over 20 years and owns METRONY, LLC. Michelle earned a B.S. in Engineering from Rensselaer Polytechnic Institute. Michelle published a guide to Cyber Security for Business Travelers