Staying Safe Online
There are currently several ways that bad actors are convincing folks to do the wrong things online. You may have recently read in the news that Facebook just warned over a million users their private information had been leaked through some apps that let users sign into other places using Facebook. In this bulletin I’ll address how to avoid this and give you some other security tips. If you think these things will never happen to you – think again! The truth is, they happen every single week, right here in Tellico Village.
Should You Login with Facebook or Google on Other Sites or Apps? (Thanks to Karen Brown for suggesting we add this in the October Bulletin.)
The short answer is NO!
Everywhere you go online these days, you’re required to login with a username and password. I get it – this is because sites want you to be registered so they can count you as a site subscriber for their advertisers. And since they know you’ll be more likely to comply if they make it easy to sign up and sign in, they offer the option of logging in through other ubiquitous services they know you use (primarily Google and Facebook).
Just don’t do it!
There are simply too many ways that pressing these buttons can leak your personal information or help companies track you. What could go wrong? Recently, Facebook warned a million Facebook users their accounts might have been compromised by 400 malicious apps that were designed to trick them into disclosing their Facebook log-in information by using fake log-in buttons. When you log in with Google or Facebook, you’re taking a big leap of faith that your data will be protected.
When is it okay to use log-in buttons? (Log-in with Facebook, or Log-in with Google.) The definitive answer is never, but log-in buttons aren’t necessarily always bad. If it’s a legitimate site or service, then you don’t have too much to worry about. For example, some people log in with Google to grant the Zoom video conferencing app access to their calendar, making calls pop up automatically. Here you’re trusting Zoom, but in this case it’s OK to do so.
How do you know when it is legit and when it is not? You don’t…and that’s the problem. If you want to take a chance, you might be just fine, but the safest decision is to just not do this at all. When you use these quick login methods, it helps Google and Facebook track you across websites and apps, letting them know when – and possibly even how – you’re using them.
Some good news. Both Google and Facebook have places where you can check which sites and apps you’ve connected to through their services. It’s a good idea to do a regular census – and remove anything of which you’re unsure. Here’s how to do this.
For Google, log in to your account and click on Third-party apps with account access. It lists all the third-party apps with access and places you use Google log-in and gives you the ability to revoke access to any site or app listed.
For Facebook, log in to your account and find your way to the Apps and Websites section in Settings. (Thankfully, Facebook now automatically disables connections you haven’t used after 90 days, but it’s still worth reviewing your choices periodically.)
Three Sure Signs You’re Being Scammed!
- You’re told to act immediately. Imposters want you to act before you have time to think and may pretend to be a relative in need, a utility company, or a financial institution.
- They’ll ask for your personal info or codes. Never share codes or personal information when contacted unexpectedly by phone, text, email, computer alert or social media.
- You’re asked to pay in an unusual way. Be wary if you’re asked to pay by wire transfer, gift cards or payment apps, such as PayPal or Venmo.
That’s it for this month! Remember to be vigilant as you use the internet and email. There are lots of bad actors out there who are very good at deceiving you. If you do happen to get into trouble – call our First Level Support (FLS) team immediately at (865) 408-8223.
Larry McJunkin, President