Social Media Safety
10 minute read
Protect your privacy and security on Facebook, Instagram, and other social platforms.
Social media helps us stay connected with family, friends, and communities. But it also creates risks—scammers watch what you share and use that information against you. This guide will help you enjoy social media while staying safe.
What You’re Really Sharing
Every post, photo, and comment tells scammers something about you. Before you share anything, consider how it could be used against you.
Information Scammers Collect From Your Profile
| What You Share | How It Can Be Used Against You |
|---|---|
| Your birthday (with year) | Identity theft, guessing security questions, targeted scams on your birthday |
| Pet’s name | Often used in passwords and security questions (“What was your first pet’s name?”) |
| Vacation photos while traveling | Tells burglars your home is empty |
| Children’s school or activities | Location tracking, targeting your family |
| “First car” memes and quizzes | Security question answers (“What was your first car?”) |
| Where you work | Targeted phishing emails pretending to be from your company |
| Your daily routine | When you leave for work, when you’re home alone |
| Maiden name | Common security question, helps with identity theft |
| Anniversary date | Often used in passwords and security questions |
Those Fun Quizzes Are Traps
You’ve probably seen posts like:
“Your superhero name is your first pet’s name + the street you grew up on! Comment yours below!”
This is not a fun game. It’s someone collecting security question answers from thousands of people. Other examples:
- “What was your first car?”
- “Your mother’s maiden name + your birth month = your soap opera name!”
- “Answer these 20 questions so we can guess your age!”
Skip all of these. They’re designed to harvest information that protects your accounts.
Privacy Settings You Should Change Now
Each social media platform has settings that control who sees your information. Taking 10 minutes to review these can significantly improve your safety.
Go to Settings → Privacy and change:
| Setting | Recommended |
|---|---|
| Who can see your future posts? | Friends (not Public) |
| Who can send you friend requests? | Friends of friends |
| Who can look you up using your email? | Friends |
| Who can look you up using your phone number? | Friends |
Go to Settings → Profile and Tagging:
| Setting | Recommended |
|---|---|
| Who can post on your profile? | Friends |
| Review posts you’re tagged in before they appear? | On |
| Who can see posts you’re tagged in? | Friends |
Also do: Review your past posts. Click “Limit Past Posts” to make old public posts visible only to friends.
Go to Settings → Privacy:
| Setting | Recommended |
|---|---|
| Private account | Consider turning on (especially for personal accounts) |
| Who can message you | People you follow |
| Who can tag you | People you follow or require approval |
| Who can mention you | People you follow |
Go to Settings → Visibility:
| Setting | Recommended |
|---|---|
| Profile viewing options | Consider private mode if you don’t want others to know you viewed them |
| Who can see your connections | Only you (prevents mapping your professional network) |
| Who can see your email address | First-degree connections or No one |
TikTok
Go to Settings → Privacy:
| Setting | Recommended |
|---|---|
| Private account | On for personal accounts |
| Who can comment | Friends or No one |
| Who can duet with you | Friends or No one |
| Who can download your videos | Off |
Friend Requests and New Connections
Not everyone who wants to connect is who they claim to be. Scammers create fake profiles to access your information, run romance scams, or send you phishing links.
Warning Signs of a Fake Account
🚩 No mutual friends or connections — Why would a stranger want to connect with you specifically?
🚩 Very new account — Created in the last few weeks or months
🚩 Profile photo looks like a model — Too polished, too professional, or too attractive
🚩 Photos seem “off” — May be AI-generated (look for weird hands, asymmetrical features, blurry backgrounds)
🚩 Generic or incomplete profile — Few posts, little personal information
🚩 Immediately sends flirty or business messages — Legitimate connections don’t rush
🚩 Claims to know you but you don’t recognize them — “We met at that conference” when you didn’t attend any conference
What Scammers Do With Fake Connections
Once you accept their request, they can:
- See your private posts and gather more information about you
- Start a romance scam — Build a fake relationship, then ask for money
- Pitch an investment scam — “I made so much money, you should too!”
- Impersonate you — Copy your photos to scam others
- Target your friends and family — Use your connection to seem legitimate
The Safe Approach
If someone you don’t recognize sends a request:
- Look at their profile carefully. Do they seem like a real person?
- Check for mutual friends. If you have none, be very suspicious
- If they claim to know you, message them and ask how (before accepting)
- When in doubt, don’t accept. If they’re real, they’ll find another way to reach you
Quizzes, Games, and Connected Apps
Many Facebook games and quizzes require you to “log in with Facebook” or “connect your account.” When you do this, you’re giving that app access to your information—and sometimes to your friends’ information too.
What These Apps Can Access
Depending on what you approve, third-party apps may get:
- Your name, email, and profile information
- Your friends list
- Your posts and photos
- Permission to post on your behalf
- Your location
The Risk
- Many of these apps collect and sell your data
- Some are created specifically to harvest information for scams
- Quizzes are often designed to collect security question answers
- Games can install tracking or even malware
Clean Up Your Connected Apps
Facebook: Settings → Apps and Websites → Remove apps you don’t recognize or use
Instagram: Settings → Security → Apps and Websites → Remove unused apps
Google: myaccount.google.com/security → Third-party apps with account access
Apple ID: Settings → [Your Name] → Password & Security → Apps Using Apple ID
Review these quarterly. Remove anything you don’t remember authorizing or no longer use.
When a Friend’s Account Is Hacked
Sometimes you’ll receive strange messages from friends. Their account may have been compromised.
Signs a Friend’s Account Was Hacked
- Sends links with no context or explanation
- Messages you urgently asking for money
- Writes in a different style than usual
- Promotes cryptocurrency or investment opportunities out of nowhere
- Sends a link saying “Is this you in this video?” or “Look what I found”
- Posts things that seem out of character
What to Do
- Don’t click any links they send
- Contact them another way — Call, text, or email them directly
- Ask a question only they would know the answer to
- Warn them if you confirm their account is compromised
- Report the messages to the platform
If Your Account Gets Hacked
If you suddenly can’t log in, or notice posts you didn’t make, act quickly.
Immediate Steps
1. Try to log in and change your password immediately
If you can still get in, change your password right away to kick out the hacker.
2. Use the platform’s recovery process:
3. Check for unauthorized activity:
- Look for posts, messages, or comments you didn’t make
- Delete anything posted by the hacker
- Check if they changed your email or phone number
4. Alert your friends:
Post from another account or contact people directly to warn them not to click links or send money to “you”
5. Review and remove connected apps:
Hackers sometimes add apps to maintain access
6. Turn on two-factor authentication:
Once recovered, enable this to prevent future hacks (Settings → Security → Two-Factor Authentication)
7. Change your password on other sites:
If you used the same password anywhere else, change it immediately
Protecting Children on Social Media
If you have children or grandchildren using social media, take extra steps to keep them safe.
For Younger Children (Under 13)
- Most social media platforms technically require users to be 13+
- If they do use it, monitor their activity closely
- Keep devices in common areas, not bedrooms
- Know their passwords and check their accounts regularly
- Use parental controls built into devices and platforms
For Teenagers
- Follow or friend them (appropriate to their age and your relationship)
- Have ongoing conversations about online safety
- Discuss what’s appropriate to share publicly
- Talk about predators and scammers without being scary
- Teach them to come to you if something seems wrong
- Model good behavior with your own social media use
Key Topics to Discuss
- Never share location in real-time — Wait until after you’ve left somewhere
- Never share school name or schedule — Predators use this information
- Never meet online-only friends in person without parents present
- Screenshots last forever — Never send anything you wouldn’t want shared
- People lie online — That 15-year-old might be a 45-year-old
Quick Summary
Stay safe on social media by following these guidelines:
✓ Review privacy settings on each platform (quarterly reminder)
✓ Be cautious of friend requests from strangers or people you don’t recognize
✓ Skip quizzes and games that ask for personal information or account access
✓ Verify unusual messages from friends through a different method before clicking links
✓ Think before posting — What are you revealing? Could it be used against you?
✓ Clean up connected apps regularly and remove what you don’t use
✓ Turn on two-factor authentication on every social account
✓ Talk to young people about online safety and keep communication open