I was recently the victim of not only a hacked Facebook account, but also fraud with a credit card that was stored on file. It took some time to rectify the situation, and I’m still not sure that I am in the clear for storing my card again. What amazes me is how Facebook responded with “guidelines” to keeping my account secure.
Don’t get me wrong, these are all good practices, but Facebook seems to be pointing the finger at everyone but themselves:
*** The text below is from an email sent by Facebook’s Risk Department on 18-Apr-2011 ***
1. Secure Email: Since anyone who can read your email can probably also access your Facebook account, you should make sure that any email addresses associated with your account are secure. To ensure security, you should change the password for all of your email accounts and make sure that no two are the same. By varying your passwords, you can greatly decrease your account’s risk of being compromised in the future.
2. Log in at Facebook.com: Accidentally entering your login credentials on a fake Facebook login page can put your account security at risk. Make sure that when you access the site, you always log in from a legitimate Facebook page with the facebook.com domain. Do not click any unfamiliar links and do not run any executable files (files ending in .exe) on your computer without knowing what they are. If something looks or feels suspicious, go directly to www.facebook.com to log in. You should also be suspicious of any messages sent to you purporting to be from Facebook or an application developer asking you to log in to claim a prize or validate your account.
3. Password Protection: Please do not give out your login information to anyone for any reason. You should select a unique and complex password for your account and keep this entirely to yourself. Be sure that you use a complex string of numbers, letters, and punctuation marks that is at least six characters in length. It should also be different from other passwords you use elsewhere on the internet.
4. Private Browsing: Please make sure that you log out of your Facebook account and quit your browser when you’re done using the site. This is especially important when using a public computer or someone else’s mobile device. You should also never check the “Remember Me” box when logging in from a public computer, as this will keep you logged in even after you close your browser window.
5. Security Question: If you have not done so already, you should add a security question to your account from the Account Settings page. You should choose a question and answer that you will remember, and no one else should be able to answer the question that you choose.
6. Run Anti-Virus Software: If your computer has been infected with a virus or with malware, you will need to run anti-virus software to remove these harmful programs and keep your information secure.
7. Learn More: You should visit the following page for more information about Facebook security and how to report suspicious material in the future: http://www.facebook.com/security