Read this before you post your location on social media

Sadia vera

A social media post shows a celebrity dripping in expensive jewelry at a well-known locale. Shortly thereafter, gunman sweep in to forcibly relieve the celebrity of said bling.

It’s a story we’ve heard multiple times over the years, most recently in relation to the fatal shooting of rapper PnB Rock on Monday at Roscoe’s House of Chicken & Waffles in South Los Angeles. The incidents are rare, authorities say, but they’re a dramatic reminder that sharing information about yourself online can put you at risk.

We don’t know whether PnB Rock (real name: Rakim Allen) was tracked to Roscoe’s through social media; we know only that the attack happened a few minutes after his girlfriend made an Instagram post revealing their presence at the restaurant. But the criminals involved in some previous high-profile attacks, such as the one on Kim Kardashian West in Paris six years ago, have admitted that they do, in fact, scour their potential victims’ social media posts for information about what they have and where they are.

Considering that billions of people post a staggering amount of material on social networks daily, chances are low that your Instagram pictures and TikTok videos will capture the attention of internet-savvy thieves. Entertainment industry celebrities, professional athletes and successful influencers are not like us, at least not in that respect.

Still, there are other reasons to be cautious about what you say and show about yourself online. Safety experts say there are privacy rules that everyone should follow when posting to social media; here are their suggestions.

Limit who can view your posts

Social media apps allow you to decide who can see and interact with your uploads. By default, though, some apps make your posts visible to every sentient being and bot on the internet.

As tempting as it might be to share with the public at large — that’s how you get more followers! — a more cautious approach is to share your bon mots and exquisitely composed images privately with people in your chosen social circle. Follow these links to learn how to go private on Instagram, Twitter and TikTok.

On Facebook, you can modify your settings by running the network’s handy Privacy checkup. The visibility of your LinkedIn profile and various elements of it can be adjusted here. Snapchat posts, meanwhile, are limited by default to your friends on the network.

And if you do leave your posts open to the general public, at least familiarize yourself with the app’s tools for weeding out specific users or topics, in case you attract some followers or trigger some conversations that you wish you hadn’t. The Rape, Abuse & Incest National Network offers a useful guide to the filtering and blocking tools offered by Instagram, Facebook and Twitter.

Do not share your location in real time

This is a little tricky because some social apps, such as Instagram, can automatically tag your posts with your location unless you change the settings on your phone to cut off the app’s access to location data. For others, such as Facebook, you have to choose to reveal your location when writing a post — in Facebook’s case, by clicking on the “Check in” symbol below the text field.

For most people, the threat isn’t drawing a gang of luxury watch thieves to your table at a tony Beverly Hills restaurant. It’s more the chance of letting burglars know you won’t be home for a while or tipping off a stalker.

Don’t worry, you can still show off all the great places you’ve parked your Honda in front of. “If sharing where you are is important to you, consider waiting to tag the location until you leave,” advised the Rape, Abuse & Incest National Network.

This almost goes without saying, but if those posts show you in some stunning or trending spot far from where you live, waiting to tag until you leave means waiting to tag until you return home.

Even if you decide not to share your phone’s location data with your app, social networks will use other means to determine where you are — and then, potentially, monetize that data through targeted advertisements. Under California law, you can tell online companies not to sell sensitive personal data such as location information to third parties, but you can’t stop them from using the information themselves.

Remember, keeping your location out of your social media posts won’t stop the people you go out with from revealing it in theirs. To a degree, your privacy is at the mercy of the most share-happy person in your circle. When you go out with a group, try to reach consensus upfront on whether and when to reveal your location.

Beware of identity thieves

You’ve probably been warned not to divulge your Social Security number except on a need-to-know basis (and if you haven’t, consider this your first warning). But there are other pieces of personal information you might share freely that could help someone impersonate you.

That’s not just basic information such as your address and phone number, but also nuggets from your personal history. Think of it this way: What questions do websites ask to verify your identity when you lose the password to your account? It’s a familiar litany — What’s your pet’s name? Where did you go to school? What’s your mother’s maiden name? And if you’re heedless, you could provide all the answers in your posts.

“Keep personal information personal,” cautioned the University of Pittsburgh’s IT department. “The more information you post, the easier it may be for someone to use that information to steal your identity, access your data, or commit other crimes such as stalking.”

Be smart about passwords

Along the same lines, make it hard for people to hijack your social media accounts. Use a password manager app to generate (and remember!) ridiculously strong passwords, then change your passwords periodically.

Without a strong password, hackers might be able to guess their way into your account. More likely, though, they will use the magic of social engineering to persuade you to reveal your password to them — typically, by pretending to be a colleague, a tech support person or some other seemingly legitimate authority figure.

So get up to speed on how to recognize phishing and smishing attacks. And in the meantime, don’t respond when someone asks for your password online.

Report bad actors

Blocking someone who harasses you can seem satisfying and problem-solving, but it may simply turn your problem into someone else’s nightmare. Make a record of suspicious or inappropriate behavior in your feed with screenshots (here’s how on an iPhone, and here’s how on an Android phone), and report the person to the social media network.

You’ll find a link to report or flag a post within the post or comment itself. For example, on Instagram you’ll need to click on a symbol that’s composed of three dots, then click on the Report link. The social network will then determine whether the person has violated any of its rules, and if so, whether to suspend or remove that account.

About The Times Utility Journalism Team

This article is from The Times’ Utility Journalism Team. Our mission is to be essential to the lives of Southern Californians by publishing information that solves problems, answers questions and helps with decision making. We serve audiences in and around Los Angeles — including current Times subscribers and diverse communities that haven’t historically had their needs met by our coverage.

How can we be useful to you and your community? Email utility (at) latimes.com or one of our journalists: Matt Ballinger, Jon Healey, Ada Tseng, Jessica Roy and Karen Garcia.


https://www.latimes.com/business/technology/story/2022-09-14/read-this-before-you-post-your-location-on-social-media

Next Post

Over 280,000 WordPress Sites Attacked Using WPGateway Plugin Zero-Day Vulnerability

A zero-day flaw in the latest version of a WordPress premium plugin known as WPGateway is being actively exploited in the wild, potentially allowing malicious actors to completely take over affected sites. Tracked as CVE-2022-3180 (CVSS score: 9.8), the issue is being weaponized to add a malicious administrator user to […]