Lessons from the ‘You’ Netflix series – Four tactics to prevent cyberstalking

I remember first seeing memes for the Netflix series “You” on Instagram—ironically, since the show focuses on using social media as a privacy invasion tool. The number of memes—and the fact that many were downright creepy—tempted me to watch the first episode and I was hooked.  If you haven’t seen it, here’s the TLDR: Joe stalks Beck first and then a woman named Love, scanning their social media for location clues like seagulls watch for french fries.  I must admit I learned a few things not to do on social media from the show.  We live in a world where digital and physical security merge and what we do on one affects the other.

So, what are the cybersecurity lessons from watching “You?”

Be smart about posting times

Within three minutes of scrolling through Beck’s Instagram feed Joe knew who her friends were, her family history, and frequent spots she visited on her daily routine.  In my own life I used to go out taking pictures of my food, tagging the location, tagging my friends and then captioning “Favorite sushi place!” After watching how easily Joe targets women with these details, I wait until I am at the next spot before I share.

Post your photo after you go somewhere. Give less detail about your location.

Private profile? Consider it

Love’s social media account was public–giving Joe the opportunity to track and storyboard her habits.

Changing your profile to private can be hard advice for marketers like me, or for influencers with a large following.  If you choose to stay public: keep an eye out for fake accounts with ambiguous profile pictures. Treat profiles without a visible face (or few followers) with suspicion.  Ask, why are they liking all your posts? If your accounts are private, then before accepting a friend request, make sure that you know the person and treat their profile with caution if it has only landscapes (and they’re not a travel writer).

Don’t use your pet’s name as your password

That cute pet video could take its revenge. Pictures of pets, names of families, and tagged home or vacations spots all make it easy for hackers and strangers to guess our passwords and grant access to important accounts like online banking and email.

Choose an unguessable password or passphrase that can’t be tied to something discoverable. Using a password manager like LastPass or Dashlane only require remembering a single password.

Remember the pickpocket

If your phone ever gets stolen or lost, you can’t afford a stranger or hacker looking through your pictures, text messages, social media accounts, your bank accounts, or worse. Imagine your last selfie getting posted to your LinkedIn account by someone angry; would your employer be understanding, or upset that you didn’t protect your accounts when you could?

Add MFA (multi-factor authentication) to all your accounts that support it, especially those governing central access (like your Google, Windows, or Apple ID) and your social media.  Protect your identity from compromise before it gets stolen; services like Norton LifeLock only work after the fact and are useless against attacks like ransomware.  The Rubica app is another way to mask your identity and location outside of what you choose to share online, protecting your digital identity before it gets compromised.

Stay safe out there, and be careful what you post…