May 4, 2010

Everyone, it seems, is benefiting from the growing numbers of consumers using social networks such as Facebook and MySpace - including criminals.

The number of online U.S. households using these networks has nearly doubled in the past year the latest and Consumer Reports State of the Net survey found that 52 percent of adult social network users have posted personal information such their full birth date which can increase their risk of becoming a victim of cybercrime.

The survey results, tips to protect users' information online and ratings of security software are featured in the June issue of the magazine.

"Many people use social networking sites to share personal information and photos with their friends quickly and easily," says Jeff Fox, Technology Editor for Consumer Reports . "However there are serious risks involved which can be lessened by using privacy controls offered by the sites."

The CR National Research Center conducted a nationally representative survey of 2,000 online households in January. It found that nine percent of social network users experienced some form of abuse within the past year, such as malware infections, scams, identity theft or harassment.

Users who post information such as a full birth date -- month, date, and year -- (38 percent), photos of children (21 percent), children's names (13 percent), home street address (eight percent) and details when away from home (three percent) are especially vulnerable to becoming victims of abuse.

And cybercrime can be costly. CR estimates that consumers have lost $4.5 billion over the past two years and replaced 2.1 million computers compromised by malware.

Seven things to stop doing on Facebook NOW!

Social networks are a fast and easy way to share information and photos with friends. Incidents of crime can be lessened and possibly avoided by changing the following habits:

• Using a weak password. Avoid simple names or words that can be found in a dictionary, even with numbers tacked on the end. Instead, mix upper- and lower-case letters, numbers and symbols. A password should have at least eight characters. One good technique is to insert numbers or symbols in the middle of the word.

• Listing a full birth date. Listing a full birth date -- month, day and year -- makes a user an easy target for identity thieves, who can use it to obtain more personal information and potentially gain access to bank and credit card accounts. Choose to show only the month and day or no birthday at all.

• Overlooking useful privacy controls. Facebook users can limit access for almost everything that is posted on a profile from photos to family information. Consider leaving out contact info, such as phone number and address.

• Posting a child's name in a caption. Don't use a child's name in photo tags or captions. If someone else does, delete it by clicking Remove Tag. If a child isn't on Facebook and someone includes his or her name in a caption, ask that person to remove the name.

• Mentioning being away from home. Three percent of Facebook users surveyed said they had posted this information on their page. Doing so is like putting a "no one's home" sign on the door. Be vague about the dates of any vacations.

• Being found by a search engine. To help prevent strangers from accessing a profile, go to the Search section of Facebook's privacy controls and select Only Friends for Facebook search results. Be sure the box for Public Search isn't checked.

• Permitting youngsters to use Facebook unsupervised. Facebook limits its members to ages 13 and older, but children younger than that do use it. If there's a young child or teenager in the household who uses Facebook, an adult in the same household should become one of their online friends and use their email as the contact for the account in order to receive notification and monitor activity.

Free security programs

Consumer Reports State of the Net survey found that 40 percent of online U.S. households had at least one virus infection in the past two years so it's important for consumers to protect their computers with security software. Although almost all new PCs come with a free trial version of a subscription security suite from a company such as Symantec or McAfee, CR's latest tests confirm that consumers can skip paying for these programs and still be safe online.

Avira AntiVir Personal 9 offers ample protection for most -- free of charge -- and was among the best anti-malware programs, but it persistently tries to sell you its untested $27 pay version, which adds some features. Microsoft Security Essentials is also free, but less obtrusive. Although it scored lower overall than Avira, Microsoft's program was a little better at identifying Web sites that host malware.

Consumers willing to pay for special protection or extra features such as a spam filter and a browser toolbar should consider Symantec Norton Internet Security 2010 ($70) or BitDefender Internet Security 2010 ($50). Both security suits include firewalls that are a little better than those built into recent versions of Windows, as well as fine anti-spam protection.

According to CR, Symantec's suite is one of the best products tested for detecting websites that host malware and for speed in scanning a hard drive for threats. BitDefender costs less and can work with non-Microsoft e-mail programs such as Thunderbird.