Once again, Facebook founder Mark Zuckerberg was hacked.
Earlier this week, 14 private photos of Zuckerberg were leaked to photo-sharing site Imgur under the headline, "It's time to fix those security flaws Facebook." The social network later confirmed that the flaw was the result of a recent code push and was live "for a limited period of time"--affecting not just Zuckerberg's account, but also an undetermined number of others.
This latest security problem comes one week after Facebook agreed to settle the charges with the FTC that it deceived consumers by telling them they could keep their information on Facebook private, then allowed it to be shared and made public.
Unfortunate timing for Facebook, no doubt. But, according to Mike Geide, senior security researcher at Zscaler ThreatLabZ, a cloud security company, Facebook has stepped up its security measures in the last year, though "there's certainly room for improvement," he says.
"Hackers are getting more and more sophisticated with their attacks," Geide says. "Facebook credentials that are stolen and sold underground are a huge commodity--kind of like email addresses are for spammers."
As hackers up the ante with attacks, Facebook users need to take extra precautions and exercise better judgment to ensure their accounts--and their personal information--stay safe. Here are four ways to do so.
1. Enable SSL Encryption
In the past, Facebook used HTTPS--Hypertext Transfer Protocol Secure--only when you entered your password. If you've shopped or banked online, you might also notice this amped-up security feature, denoted by a small lock icon that appears in your address bar, or just a green address bar. Facebook now applies SSL encryption to all browsing done on the site, and it is strongly recommended if you use public computers or access points, such as at coffee shops, airports or libraries.
To enable this security feature, visit your Account Settings page, then choose "Security" from the options on the left side of the screen. Here, you'll be able to see whether this option, "Secure Browsing," is enabled or disabled. Click "Edit" to enable it.
Do note that encrypted pages take longer to load in this mode and that not all third-party apps may support it.
2. Be Wary of Information You Share
The information you share in your profile may seem harmless, but particular pieces are popular "ins" with hackers. Take, for example, your birthday. This piece of data, Geide says, is sometimes used in security questions. Disclosing it at will could put you at risk.
Geide also recommends opting out of the feature that lets you--and your friends--check you into places. Here's how to find this setting:
Navigate to your Privacy Settings page and click "Edit Settings" next to "How Tags Work." Then, turn it off.
Sign up for Computerworld eNewsletters.