A Survey and a Case-Study Regarding Social Media Security and Privacy on Greek Future IT Professionals

Abstract

Nowadays, social media and social networks are increasingly used in business as they have drastically changed the way the community works, communicates, collaborates, socialises, creates content and shares knowledge and ideas. However, in particular, IT professionals and practitioners need to be aware of online security and privacy issues and the potential negative impact that they may cause on different aspects of business, such as online breaches or information theft. The use of social media inevitably leads to disclosure of personal information, with the use of open-source intelligence (OSINT) and other similar techniques. Hence, the aim of this article is twofold, namely first to show results of a survey towards future Greek IT practitioners regarding awareness and viewpoints of social media users concerning security and privacy on social media. More specifically the study was based on responses and viewpoints of 178 Greek electrical engineering and IT students to an online questionnaire. Secondly, the aim is also to show how easily a potential malicious user can anonymously track and retrieve sensitive personal information in an automated and undetectable way from popular social media platforms by using publicly available information, resources, and tools. The results of the survey show that most of the respondents are aware of the privacy settings of the social media platforms they use. However, they consider that they should be more careful concerning personal data and whom they add as friends or followers and they do not feel comfortable with the fact that a stranger might be able to access their personal information through their publications on social media platforms.The case study indicates that it is possible for malicious users to acquire sensitive personal data (e.g. user's location via tweets and instas from smartphones). In addition, the ability to map activity could allow malicious users to track the activities of unsuspected users and predict their future locations.