ALBUQUERQUE, N.M. — It’s an easy thing to use your social media account as a way of logging into an app or website – easier, anyway, than creating a new user name and password.
But this approach can result in a pile of apps and websites that you might no longer use and that can leave you open to cyberattacks, phishing and other kinds of scams.
The Federal Trade Commission notes that when you sign up through social media accounts, you are giving permission for the app or website to do things on your behalf, such as posting to your social media page.
“You’re also possibly saying it’s OK to access information like your name, birthdate, location, contacts and even your messages,” the agency said in an advisory. “Over time, you may even forget which apps or sites have these permissions.”
The FTC suggests taking the following steps:
• When signing up for an app or website, pay attention to what permissions it’s asking for. If you’re not comfortable allowing access, choose “deny “or “disagree” when you see the message asking for permissions. This typically stops the registration process.
• Purge your permissions list. Do this by going to settings on the social media site and following the instructions that lead you to the list of sites and apps to which you’re granting access. Be ruthless and remove some.
• Consider setting a reminder on your calendar for at least every few months to check your permissions.
⋄ ⋄ ⋄
Here’s an unusual data breach you probably haven’t heard of – unless you rely on a Smartphone app to find a dog-walker for Fido.
Wag Labs Inc.’s app connects dog-owners with those who are willing to provide walking services at a moment’s notice, if necessary. Sort of like an Uber for the four-legged crowd.
The Wall Street Journal reported recently that Wag Labs Inc., the start-up behind the app, inadvertently exposed webpages that showed addresses and lockbox codes for customers. The company provides customers with a free lock box, where a key can be stored so the walker has access to the customer’s home.
It wasn’t clear how long the pages were accessible, and the company said they were taken down within hours. There was no indication hackers accessed the information or that any homes were broken into, the Journal reported.
Still… maybe it’s better to walk the dog yourself?
⋄ ⋄ ⋄
Jan. 31 is the deadline for taking Equifax up on its offer of free credit monitoring.
The company made the offer last year after the devastating and very high-probile breach involving at least 143 million Americans.
Anyone with a Social Security number can sign up for this freebie; you don’t need to have been a victim. Sign up at equifaxsecurity2017.com for what the company calls its TrustedID credit monitoring program.
The program covers the three major reporting agencies – the other two are TransUnion and Experian – and will send an alert whenever there’s a suspicious activity on your account.
You also get a copy of your credit report, Social Security number monitoring and identity theft insurance. After Jan. 31, Equifax will offer a free “lock-for-life” product that will allow you to lock and unlock your credit file at no cost, according to the FTC. Credit locks help limit access to your credit file in case an identity thief tries to open new accounts in your name.
Details of this service are expected to be announced after Jan. 31. Go to the website, www.equifaxsecurity2017.com, after that date to find out more.
⋄ ⋄ ⋄
Be on the lookout for this twist on the tech support scam: A message flashes on your screen that says “this virus is sending your credit card details, Facebook login and personal emails to hackers remotely.”
The message will give you a phone number to call, but don’t be tempted. It’s bogus.
Ellen Marks is assistant business editor at the Albuquerque Journal. Contact her at email@example.com or 505-823-3842 if you are aware of what sounds like a scam. To report a scam to law enforcement, contact the New Mexico Consumer Protection Division toll-free at 1-844-255-9210.