1. Realize that you can become a victim at any time. Not a day goes by when we don’t hear about a new hack. With 55,000 new pieces of malware a day, security never sleeps.
2. Think before you post. Status updates, photos, and comments can reveal more about you than you intended to disclose. You could end up feeling like some silly politician as you struggle to explain yourself.
3. Nothing good comes from filling out a “25 Most Amazing Things About You” survey. Avoid publicly answering questionnaires with details like your middle name, as this is the type of information financial institutions may use to verify your identity.
4. Think twice about applications that request permission to access your data. You would be allowing an unknown party to send you email, post to your wall, and access your information at any time, regardless of whether you’re using the application.
5. Don’t click on short links that don’t clearly show the link location. Criminals often post phony links that claim to show who has been viewing your profile. Test unknown links at Siteadvisor.com by pasting the link into the “View a Site Report” form on the right-hand side of the page.
6. Beware of posts with subjects along the lines of, “LOL! Look at the video I found of you!” When you click the link, you get a message saying that you need to upgrade your video player in order to see the clip, but when you attempt to download the “upgrade,” the malicious page will instead install malware that tracks and steals your data.
7. Be suspicious of anything that sounds unusual or feels odd. If one of your friends posts, “We’re stuck in Cambodia and need money,” it’s most likely a scam.
8. Understand your privacy settings. Select the most secure options and check periodically for changes that can open up your profile to the public.
9. Geolocation apps such as Foursquare share your exact location, which also lets criminals know that you aren’t home, so reconsider broadcasting that information.
10. Use an updated browser. Older browsers tend to have more security flaws.
11. Choose unique logins and passwords for each of the websites you use. I’m a big fan of password managers, which can create and store secure passwords for you.
12. Check the domain to be sure that you’re logging into a legitimate website. So if you’re visiting a Facebook page, look for the www.facebook.com address.
13. Be cautious of any message, post, or link you find on Facebook that looks at all suspicious or requires an additional login.
14. Make sure your security suite is up to date and includes antivirus, anti-spyware, anti-spam, a firewall, and a website safety advisor.
15. Invest in identity theft protection. Regardless of how careful you may be or any security systems you put in place, there is always a chance that you can be compromised in some way. It’s nice to have identity theft protection watching your back.
Robert Siciliano is a McAfee consultant and identity theft expert. See him discuss social media scammers on CNN. (Disclosures)