Back in 2019, I was designated to be the company's Data Protection Officer. While I was simultaneously working as a full-time web developer, the task was extremely challenging and, I must admit, daunting. I managed to get the Company registered to the National Privacy Commission, attended the Privacy Awareness Week 2019, and shared some online safety tips inside the organization that helped them elevate their cyber hygiene. Today, I realized that Data Privacy Awareness shouldn't be limited inside everyone's workplace. In this article, I'll share with you the same safety tips I shared with my colleagues back then, adding my personal insights on how I practice them myself. You can also check this list from the NPC Website.

This is 30 Ways to Love Yourself Online: Part 2 of 3. Click here if you want to jump back to Part 1.

Table of Contents

Tip #11: Clean up your Facebook Third-Party Apps.
Tip #12: Clean up your Facebook Groups.
Tip #13: Set up your Facebook Privacy Settings.
Tip #14: Unfriend Facebook friends you don’t know personally.
Tip #15: Update your Facebook Timeline and Tagging Settings.
Tip #16: Don’t be too public.
Tip #17: Check and clean up your spam folder.
Tip #18: Be wary of phishing emails.
Tip #19: Avoid using work e-mail addresses for personal matters.
Tip #20: Unsubscribe from unwanted newsletters.

Tip #11: Clean up your Facebook Third-Party Apps.

While they are a fun way to find games or see which celebrity you look like, third-party apps on Facebook can and too often send your personal data to at least 25 outside data companies, so it is definitely a good idea to remove permissions from unnecessary ones.

Meta, the company of Facebook, recently announced discovery of password-stealing apps who disguised as "fun or useful" services and were in Google and Apple's stores. The apps often require users to “Log In with Facebook” before they can access the promised features. While they removed them promptly and contacted impacted users to reset their passwords, it's unclear what data has already been exposed. To be safe, quickly go to Settings › Security and login > Apps and Websites, then remove all unnecessary connections.

Tip #12: Clean up your Facebook Groups.

The more Facebook groups you join — especially the big, open ones —the more likely you are vulnerable to identity thieves. Other members within these groups are not restricted from viewing your primary data.

Try this now, go to Groups > Settings (Gear Icon) > Membership. Then sort by Most Visited. You'll be surprised how many groups you can only remember or you probably won't know you joined some of them. I'm pretty sure you will feel very fulfilling and satisfied after.

Tip #13: Set up your Facebook Privacy Settings.

Setting your Facebook privacy protects your content from predators, stalkers, and identity thieves. Not everyone has to know what you’re doing every minute of the day, especially if it’s information on your vacation details or bank accounts.

To start, click on your profile found in the upper right corner then select Settings & Privacy > Privacy Checkup. Facebook beautifully organized these settings by topic.

Who can see what you share
In this topic you'll be able to adjust the visibility of every data you share. From phone numbers, emails, work experience, or even your birthday. You can also select the default audience of your posts. Lastly, you can review your blocklist to add more or remove any.

How to keep your account secure
This topic will help you make sure all the following is okay and active:

  • Your password is OK

  • Two-factor authentication is on

  • Login alerts are on

How People Can Find You on Facebook
Here you'll be to control who can search your profile and using only what. Specifically you can configure visibility for:

  • Friend requests

  • Phone number and email

  • Search engines

Your Data Settings on Facebook
You can remove here any apps and websites that you no longer want to use. This will help you remember the apps you shared your data with.

Your ad preferences on Facebook
We all know facebook monetize their app using Ads. This will guide you what information you currently have with Facebook that they share with Advertisers to provide you the appropriate content.

For added security, you can also check their new Privacy Center.

Tip #14: Unfriend Facebook friends you don’t know personally.

With too many people’s names, birth dates, education, and work history available online, bogus accounts can easily duplicate a person you may know or want to be friends with. These bogus accounts can target you for identity theft, malicious links, or spam attacks.

It's better to do this step on mobile so you can sort by the most recent or vice versa. Like me, you probably have lots of friends who have accounts that are now inactive, or let's say you accidentally added many people before for the sake of making your friend's list full. This will help minimize the risk of getting contacted by a hacked account of your old friend which they may not be aware of.

Tip #15: Update your Facebook Timeline and Tagging Settings.

Sure, you can untag yourself from unwanted, unrelated, or embarrassing posts and photos, but for things like this, prevention is always preferred. Set up your Timeline and Tagging so that you can have an immediate say on what does and does not make it on your page.

Have you ever been tagged to annoying promos, or like and share contests? You can easily control who can see the posts you're tagged in or even review them before it can be posted on your timeline. Just go to Settings > Privacy > Profile and tagging.

Tip #16: Don’t be too public.

While sharing details about your life can be fun and exciting, there are just some things you should never, ever share on social media. Things like your home address, vacation details, ticket numbers, and the layout of your house should always be kept private.

Yepp, your motto "My life is an open book" won't work anymore on this era. I know you've probably shared a lot but fortunately there's an easy way to change all those public posts. Just go to Settings > Privacy > Limit Past Posts. If you choose to limit your past posts, posts on your timeline that you've shared with Friends of friends, and Public posts, will now be shared only with Friends. Anyone tagged in these posts, and their friends, may also still see these posts.

Tip #17: Check and clean up your spam folder.

Be wary of e-mails that come from people you don’t know, contain misspellings (i.e. ‘p0rn’ with a zero) designed to fool spam filters, makes an offer that seems too good to be true, or contain attachments like .exe files.

Most email providers help you determine spam emails but sometimes they try different characters and spellings you won't notice immediately and this bypasses the spam detection. If ever you receive something suspicious or the grammar and spelling seems wrong, help your provider by reporting it and mark as spam. Finally, make it a habit on keeping your spam folder empty.

Tip #18: Be wary of phishing emails.

Phishing criminals typically send emails to thousands of people, pretending to come from banks, credit card companies, online shops and auction sites to trick you into going to a fake site and entering your personal information.

Most hacked accounts come from phishing emails. There are a lot of very deceiving emails out there trying to trick you that you're a very important heir of a dead billionaire from Antarctica. They can even copy almost perfectly the email design of your favorite bank and send you credit card payment notifications. The most recent type is when you receive an unexpected email that someone is trying to open your account and you need to change your password immediately. However when you open that link it will ask you your current password without knowing it's a fake change password page, giving them access to your account while you're very busy trying to lock it. So some tips from me and remember this very carefully:

  1. Check the origins of that email. Don't just check the name of the sender as that is something anyone can customize. So click the From field on you should be able to see the actual email. It's usually in the format of e.g theirfake@email.com <theirtrue@email.com>. If it came from your bank, check to see if it's their correct website domain and compare that to the mailed-by and signed-by fields. Most importantly, check if it sent over secured protocol SSL/TLS.

  2. DO NOT CLICK too good to be true emails. You may receive something that YOU WON a prize but always ask yourself if you join any contest. If you receive an OTP and you never did anything recently, don't click any links on that email. Best to do change password or login to your usual channels like their correct website or the correct mobile app on your phone. That same idea applies to any of your online activity like shopping or payment receipts.

  3. If you think that email is a spam or suspicious, report it immediately and mark as spam so you won't ever receive them again.

Tip #19: Avoid using work e-mail addresses for personal matters.

Company e-mail addresses are typically controlled by your IT people and can be accessed by your bosses, so it’s best to keep personal matters outside of work. Moreover, your work-email address is usually an easy target for spam and viruses, especially if it’s listed in your company website.

If you have a job that requires you to login or use different websites, better use what's provided by your company and make sure there's no relation to your personal email. This will help you secure any access if ever one gets hacked or involved in any leak. Very important tip: Create a separate Browser Account using your Work Email. This will make sure your cookies and browsing data is separate from the other one.

Tip #20: Unsubscribe from unwanted newsletters.

Unsubscribing from the newsletter you had to sign up for two years ago to get a free item would do wonders for your e-mail inbox and for the safety of your personal information.

This mostly happens on personal emails where you just have the reflex to ignore newsletters. If you're not interested or you can't even remember if you subscribed to any of them, check and remove your email from their list by unsubscribing. It will help you clean your inbox plus it saves yourself from the risk of being involved from any future mailing list leaks. Always remember, websites earn from selling data. You'll never know if the mail you subscribed 4 years ago have never sold your email to anyone.


Next Article

In the next article of this 3-part series, we will talk about the other 10 tips of Personal Data Privacy. Stay tuned!

Jump to Part 3 of 3