Protect Yourself on Social Media… 13 Tips from a Gray Hat Stalker

Ah, social media and technology. It’s a beautiful thing, isn’t it? You can reach out and connect with strangers all over the world. Or, you can also steal someone’s identity or hunt down someone you “need to find”. Social media is a plethora of information that many people let pass by. However, there are a few of us who absorb this information and process it and use it to our advantage.

Everyone has heard of hackers, right? Hackers access computers systems and exploit the vulnerabilities within the system. However, not all hackers are bad. Let me clue you into a few terms from the information security field:

White Hat- white hat hackers are the good guys. They are typically hired by companies to purposefully attack their systems and tell the company where their vulnerabilities lie. They are ethical, they are lawful, and they are good.

Black Hat- these hackers are the ones you see in movies portrayed as wearing a mask and wreaking havoc on systems. They hack for personal gain or destruction. They are unethical, unlawful, and bad.

Gray Hat- these are the hackers I identify with the most. Gray hats don’t hack for personal gain or destruction but they do access systems illegally. Think of hacking a company (without permission) and then letting the company know how crappy their security is. The access is illegal but the gray hat does tell the person how vulnerable they are. This is more of an ego hacker who wants to prove how vulnerable someone is without exploiting them. They have varying ethics, they are unlawful, and they are generally non-malicious.

When it comes to social media, there are black, white, and gray hat “hackers” who use the information put out there by you to cause harm, to irritate, or to infiltrate. I use hackers in a very loose way here. They are stalkers, not hackers, but the ethics behind their actions align very well with the hacker hat categories. The reason I know the majority of these things is because I have been harassed and stalked via social media, and I have also used my skills to send a glitter bomb to someone who deserved it and to find out varying amounts of information about people. I know a lot of unethical ways to gather information, and maybe one day I will share what I know. Today is not that day.

This post is where I wear a gray hat and let YOU know what your vulnerabilities are within your social media presence. Some of this borders upon paranoia, but never underestimate your ability to piss off a good “hacker”/stalker who can make your life hell.

Protect yourself

  1. Locations-Turn off all locations on your social media posts. Locations make it easy for people to track your daily movements. This puts your safety at risk from petty stalkers to thieves who find out when you’re not around your house to plan their strike.
  2. Picture metadata- Use apps like Metapho to remove all metadata from the pictures you take on your phone. Metadata is the information within the picture like the phone/camera type, the date and time the picture was taken, the GPS coordinates of the exact picture location, etc. Metapho is free, but the ability to strip metadata is not, so pay for the upgrade and protect yourself. Some websites strip the metadata of the uploaded pictures but when you send a picture to someone, your metadata is going with it.
  3. Don’t post pictures of your house (inside or outside). Simply put, it is super easy for someone to draft a blueprint of your house based upon the dozens of pictures/videos you have of the inside of your house. Put this together with #1 and you have an easy break in. If you must, don’t post pictures of doors or windows.
  4. Security settings- Information can be garnered from the stuff you put on the internet. Think of the security questions that your bank uses. Can any of the answers be found on your social media?! REMOVE IT. Here are some tips:
    • Privatize all of your posts from everyone but friends.
    • Make all of your photos only available to friends (this hides likes and comments on the picture usually available to the public)
    • Remove your birthday
    • Remove your education information
    • Remove all listed relatives and relationship information
    • Hide your friend list
    • Make yourself unsearchable by internet engines
  5. Remove your face from publicly available pictures. This is a twofold tip. For one, your social media presence will be harder to find by malicious intenders. For two, with facial recognition becoming more prevalent, people can use a picture of you to unlock certain “protected” things, like your new iPhoneX.
  6. Google yourself by using *your name*. Using the astericks (*) invokes the Boolean search feature of a “wildcard” and will yield more results than searching without it. Find out what websites mention you and what information that yields. Email the website administrators as necessary. Remember to check out the “images” this search yields too.
  7. Use two-factor authentication on all of your accounts. This forces you to enter a second authentication code or pin when you attempt to access your accounts. Remember to remove all cached/logged in accounts often to prevent someone coming behind you and using that device to log in.
  8. Don’t accept friendship requests from anyone you don’t know. This is self-explanatory. Also, regularly cull your friends to remove antiquated relationships, because it can be easy to gather information through your old friends.
  9. Log out of all social media and see what can be seen by people who are doing a profile drive-by. Fix anything that you don’t want revealed.
  10. Sign up for a Google Voice number to link to your social media account OR don’t give friends and family your real number, give them the Google voice number. Do you ever wonder why you show up on people’s suggested friends list? Or how that random guy from ten years ago shows up on your suggested friends? Or perhaps someone added you on snapchat and you never told them you had an account? Social media usually allows you to link your contacts (I don’t advise) but if you are in someone’s phone and they connect their contacts? You will show up on their accounts as “suggested”. This is great if you want to be found and crappy if you don’t. (Side note, cell phone companies sold contact lists from approximately ten years ago, which is why REALLY old contacts started showing up on Facebook for awhile there.)
  11. Don’t accept friend requests from people who are already a friend of yours. It’s easy to fall for those fake accounts and allow people access to your more private information.
  12. Find those who are willing to cause you harm via social media first and block them. You can’t prevent their fake accounts from finding you, but security is about layers. Blocking is the first and easiest layer.
  13. Don’t want it known? Don’t put it on the Internet. Stalkers use context clues to connect the dots and see a bigger picture. Don’t be dumb.

Maybe one day I’ll talk about what I do to gather my information. If you’re interested, send me a message through the blog and I’ll “white hat” stalk your accounts to tell you what I can find out about you. Be forewarned, it can get creepy.