Now that the first victims of the Heartbleed web vulnerability…
Should I put my phone number online?
Recently a controversy erupted over Facebook Phonebook, an app that shares users’ phone numbers without permission. Generally, Facebook can only share your number if you posted it and made it public via your privacy settings. However, by synching with your smartphone’s contacts, this app can share a phone number that has not been published. (This link will show you exactly how to hide your number on Facebook, though it won’t prevent your friends from possibly sharing your number with Phonebook.)
All of this talk has led me to wonder: should I put my phone number online?
I don’t know about you, but I am really paranoid when it comes to putting my details online. I don’t just worry about the ultra-sensitive information, like bank details and card numbers. I worry about my identity, my name, date of birth, my address and my phone number.
I’ve given the issue some thought to try to work out what it is that I am worried about and whether I am being a little too cautious. After all, I have found it useful to look up my friends’ phone numbers on social media sites when my phone has let me down, so why should I withhold the same information from them? I am quite security conscious, so I probably have less to worry about than the average internet user.
But what might the average internet user have to worry about?
By far the most common threat is that which gives a criminal direct access to your finances. Your bank details can be stolen in a number of ways. There is no point in making it even easier by broadcasting your account numbers, card numbers or passwords. Other information, like your address and number, might be useful if it comes paired with your bank details, but they are not usually needed for criminals to make a profit from your account.
By social sabotage I mean anything that could ruin your reputation with your peers. You can socially sabotage yourself by allowing your boss to see a photo of you hosting a late night party in the office. Your (one time) friend can publish the picture without your consent. Both of these problems are common and they are a reason to be careful about who you invite into your social circles and of what you say and do.
A lesser problem is that your account is hacked and your reputation is ruined by an action supposedly performed by you. This is not as common. It is most likely to happen if you have immature friends, rebellious children or a jilted ex-partner and can be prevented by having a completely secret and impossible-to-guess password.
This is where you would have to worry about putting your address and phone number online. It is not very likely to happen though. It is most likely to happen as part of a banking scam and for that, as already mentioned, your phone number and address tend to be of secondary importance compared to your card numbers and account details.
The other thing you should know is that if anyone wants to find your address and phone number online, the chances are that they already can. It doesn’t matter if you did not publish them anywhere yourself. Phone directories are online and have been for some time. I found three services in Finland alone that claimed to be able to give me the personal details of people I know if I logged in to their services. For the USA, there are sites like Spokeo.
These sites do not only give out your phone number and address, regardless of whether you know their existence, but they often collate other data. They will tell other people what you have posted in Yahoo! Groups (the titles of these posts are visible even if the group is private). They will gather your date of birth, gender, relationship status. Some may even gather photos of you. Your house. Your children. Whatever seems to be related to you online.
All this information is out there already. These sites just make it easier to find. Most of the time no-one is going to use those sites and there is no need to worry. If you are paranoid then you can search for yourself and hunt down all the places your information is being leaked from. Usually the only reason to be this paranoid about your data is if you know that someone is out to get you! By this I mean that you are involved in a legal matter or that your livelihood relies on your reputation.
There’s a very small chance that this problem will occur to you as an act of sabotage. You’ll suffer the loss of information from your online accounts, finding it deleted one day. This is most likely to happen because someone who is very close to you is angry with you. If this is happened to you, though, it is the second thing you should consider.
Before you rush to accuse someone of tampering with your accounts be aware that it is far more likely that an error with the software or website you use has caused your data to vanish. Always check with customer services first or search the internet to see if anyone else has the same problem at the same time.
Do you hold a crucial place in a business? Are you a government official? Are you a rebel to a strict governmental regime? Perhaps you’re a celebrity? Have a stalker? Messy divorce? No? Then you probably won’t ever have to worry about this.
If you ever intend to answer ‘yes’ to the above questions then it is a good idea to become more security savvy. Reading this blog is a good start, well done.
If you can answer ‘yes’ already, then you might be one of the few who are justified in being really paranoid and withholding most or all personal details from the online world. At the very least, seek advice relative to your position.
If you’ve skipped to the end looking for a summary, then the answer to whether you should put your phone number (or address) online is:
It is probably online already, but that does not mean that many people will know where to look for it.
- If you are going to broadcast it in many public places, think very carefully about who that public is. There’s no need to give all of your jilted lovers your new number, or to invite calls from the Rick Astley Fan Club that you left all those joking insults with. If that’s the kind of thing you get up to, keep your personal details to yourself.
- If you are going to put your phone number and address into a web form, think carefully about the legitimacy of the site you are on. Is it Amazon or amateur porn? If it is not a bona fide company, then do not give away your details.
- If your address and bank details are requested, by all means be suspicious and double-check everything. To be safe, never give away more details than the bare minimum required by a service.
- It doesn’t hurt if you refuse to use online services that are not essential to you if they ask for too many details.
Finally, if you want to respond to this article, please don’t call me! Leaving a comment on the blog will do nicely.
CC image by nathanmac87.