Why do criminals want my messages?

Our dedicated readers know that we’re serious about social media security. It seems like we’ve covered social media from virtually all angles. Social media security has been continuously criticized by identity protection and security industry experts. As such, mobile messaging services within these platforms – like Facebook Messenger and Direct Message – are also catching heat.

Since 2008, sites like Facebook, Snapchat, Instagram, Twitter, and even LinkedIn have begun adding mobile messaging features to their platforms. With billions of people using mobile messaging apps every day, understanding the social environment of these platforms and what to look for can help you better secure your sensitive information while using these apps.

Follow us through Part 1 of our Mobile Messaging series to learn how to determine if a messaging app is protecting your sensitive data.

Social Media: Young & Restless

The Internet boom in the early 2000s set the pace for social media development. These once-simple services have evolved into sophisticated online communities in a relatively short time. However, the continuously changing, user-first environment has raised questions about the security of these platforms and the services within them.

Are social media sites moving too fast to keep up with proper security measures?

Exchanging data on an unsecured messaging service could allow your information to fall into the wrong hands.

Social media messaging apps often appear to be “free,” but companies may choose to share user data in exchange for vendors’ services. Social media sites will note in their privacy policies if your data could be shared with third-party vendors. While it’s perfectly legal, it illustrates how easy it is to gather and share user information through these services.

A Brief Social Media History

Facebook – 2004

Twitter – 2006

Originally, Twitter’s purpose was to give users a place to post short text updates. Today, it’s a booming multi-purpose social community with around 319 million monthly active users.

Instagram – 2010

Instagram followed a similar model to Twitter, offering a platform for users to post updates – but with photos. Since its inception, Instagram has expanded the platform to include videos, live “stories,” direct messaging and more.

Snapchat – 2011

While Snapchat is the newest social media platform in this list, it’s grown faster than any other platform. Snapchat allows for “disappearing photo and video sharing” among friends. In 2014, Snapchat released a major update that added live “stories,” customized filters and direct messages – assumedly to mirror other popular social media platforms.
Source: AdWeek

Improve Mobile Messaging Security

Overall, encryption, metadata storage and the ability to delete messages are three key features to look for when determining the security of a mobile messaging app.

Encryption: Is my data protected?

If a mobile messenger is secure, your messages should be encrypted – ideally through end-to-end encryption (E2EE). Encryption scrambles information while in-transit, so it can’t be read if intercepted. E2EE is the best form of encryption because it means only the sender and the recipient can read the contents of the messages. It is especially important in the social media environment because it prevents third-party vendors, law enforcement officials and hackers from accessing your sensitive information.

Metadata: How much info about my messages is stored?

A secure messaging app will also limit the amount of metadata it stores from your messages. Metadata sounds like a complicated term, but it simply means “data about data.”

Protecting metadata is just as important as protecting your messages because it can reveal more information than you may think. Your location, contacts and usage habits can be easily determined by looking at metadata. Unfortunately, metadata is often under-protected, which is why it’s important to know how your messaging service uses that information. Companies will often share metadata to third-party partners to improve marketing and advertising.

Delete Messages: How hard is it to get rid of messages?

Most mobile messaging apps will allow you to delete messages from your device. And some secure messaging apps, like Telegram and Signal, allow you to delete data on your device if it’s lost or stolen.

But what about the messages you’ve already sent that now live on the recipient’s device? Secure messaging platforms should allow you to delete messages from both your device and from others’ devices. Additional delete features include self-destructing messages that disappear from both participating devices after a set time.

What should I do?

Review your app’s privacy policy for more information about how a company uses your data. As always, be sure to protect your passwords and turn on multi-factor authentication to give your already-secure app an extra layer of protection. Don’t forget to check out Part 2 of this series coming in September where you’ll find out which of your favorite messenger apps are the most secure – and which ones didn’t make the cut.

Continue following Fighting Identity Crimes to stay up-to-date on the latest breach and scam news, as well as tips from our industry experts on how to continue protecting your information and securing your identity.