For many of us, social media is something we take for granted, not thinking about the consequences of the information we put out there. Sure, we might learn when to hold our tongue on a political issue, but it really doesn’t matter what we say, as long as our privacy settings are good, right? Maybe. Probably not.
What is OSINT?
Open Source Intelligence, or OSINT, is intelligence that can be gained through publicly available data. OSINT can be found in mass media, such as the news, radio, magazines, and other media outlets, but can also be found in online sources like YouTube, Facebook, Twitter, and other websites. Even dumpster diving can be a source of useful information, although this is less common that it may have been in past decades. What I am going to be focusing on here is social media, because this is probably the largest source of personal information that is easily accessible.
Let’s Get Social
How sure are you that everyone on your friends’ list is who they claim to be? Have you met them all in person? Can friends of friends see your posts? What if someone screenshots your post, because they thought what you said was hilarious, and they share it without your permission? Do you complete any quizzes that request access to your profile information? Your personal information might not be as secure as you think it is.
Now, let’s think about how the personal details you put on social media can be used against you. Take a look at the Game of Thrones meme above. It seems harmless enough, right? Now think about the last time you set up a new account somewhere. What were the default security questions you have to choose between in case you need to reset your password? Suddenly, replying with your Game of Thrones name doesn’t seem so safe, does it?
The Cake is a Lie
There are a couple ways you can make sure your personal information is safe online. The way most people will talk about is to make sure you never complete quizzes, or answer questions posed by random memes. That will certainly help keep your data safe, but it’s not as fun. There’s another option that lets you keep your personal data safe, and can be fun at the same time: lie.
No, I’m not saying you have to lie about who you are online, but your public information on Facebook doesn’t have to reflect your actual home address, and the answer to your mother’s maiden name for password recovery doesn’t have to be your mother’s actual maiden name. The method I recommend for keeping your password recovery data safe, is to create a whole “other life” that you use for password recovery questions. Any time you come across an account that doesn’t have a question that fits into my story, update the story with the new information you choose for the account. This way, if someone figures out your personal details, it does nothing to help them get into any of your accounts. This method makes it easy to keep your online persona true to who you are, while creating a certain level of separation from sensitive data.
Shut the Door and Close the Window
So much of our lives exist in the digital realm anymore, why not have some fun with it? Just make sure you are taking some steps to separate your public information from your account recovery details. While it is still good advice to control your personal information on your social media profiles, the best way to protect yourself is to make sure every account you have, no matter how minor it may be to you, does not use information that can be easily found online.