This probably shouldn't come as a huge surprise, but apparently the Taliban is using fake Facebook profiles to spy on Australian troops.
According to a review of social media and defense by the Australian government, an "overt reliance" on privacy settings has led to a "false sense of security" among personnel. In other words -- just because you're a Facebook privacy ninja doesn't mean you should go around posting military secrets on the Internet.
Here's how it works: the tech-savvy Taliban is creating fake Facebook profiles using pictures of attractive women. They're then using these fake profiles to befriend Australian soldiers, and are gathering information based on those soldiers' Facebook updates. A big problem, of course, is Facebook's geo-tagging function, which logs the location from which posts or photos are uploaded. If a soldier posts something to Facebook while they're in the field, this pretty much gives away their location.
According to News.com.au, three Australian soldiers were murdered inside their base this month, allegedly by an Afghan Army trainee.
According to the review of social media and defense, many soldiers did not realize that people using fake profiles can capture information and movements.
"Few consider the possibilities of data mining and how patterns of behavior can be identified over time," the review states. The review surveyed 1577 Australian Department of Defence members on their social media practices and knowledge (or lack thereof) of associated risks. Fifty-eight percent of Defence staff reportedly had no social media training.
The Australian Department of Defence is currently working on new social media guidelines, which will be released by Christmas.
It's not just the Taliban...
You may not be a member of the Australian military, but that doesn't mean you should go around friending just anybody on Facebook. Fake Facebook friends and profiles have been around since the beginning of Facebook, and may be anyone from federal agents to spies to companies looking for buzz.
The obvious advice is that you shouldn't add anyone on Facebook unless you know them in real life -- hot girl or not. However, if you insist on making virtual friends over social networking platforms, here are some guidelines to keep your personal information safe:
- Add as little personal information as possible to your profile. Needless to say, your address, phone number, and date of birth (at the very least, birth year) should not be publicly available or even available to "friends only" on your profile.
- Understand how social engineers can use different pieces of information on the Internet to gather intel about you. For example, if you put your birth day and month on your Facebook profile, and you put your high school graduation year on your LinkedIn profile, a savvy social engineer will be able to put two and two together. Therefore, limit personal information as much as possible.
Sign up for Computerworld eNewsletters.