Sharing personal information online

Every detail you share online about your life and the extended group of people you interact with is stored somewhere. Understanding the way this information accumulates is critical.

People post resumes that include hobbies, past employers, past addresses, and professional associations. People post highly personal and identifiable information on blogs. On travel sites you may reveal your excitement about an upcoming trip. Perhaps you are exposing friends and family’s e-mail addresses by  forwarding e-mails.

  • Employers need to consider the level of information they share about employees. Consider carefully how much information is appropriate to include in an employee bio that is posted on your company Web site. How much should be visible to other employees on your intranet? When you attend a conference is the attendee list shown in online conference documents? If your company encourages employees to leave out of office messages on their e-mail be aware that these may reveal when an employee will be away from home and make him or her a target for burglary. And you will probably never make the connection between the online information exposure and an offline crime.
  • Schools should be cautious about exposing student information on their Web sites if those sites are viewable by the general public. Posting photos and identifying students by last name can place the student in harms way. Posting schedules of after school activities along with information about what activities a student participates in can give an online criminal a physical location and time where he can find that student.

Before you share any information online consider how sensitive the information may be if it is abused, and who you want to share the information with. If the information is general in nature or restricted to a site that is not available to the general public, there should be little risk in sharing it. However, if the information identifies you, your possessions, or someone else in some way you may want to limit access to that information or not post it at all

Here are some categories of information you may want to consider as you determine what you are comfortable sharing or having others share about you publicly. This list does not presume to be a definitive inventory of identifying information. It is intended only to get you thinking about what you share and where you share it.

  1. Your name and the names of family members and friends (mother’s maiden name is often a password reminder or reset verification)
  2. Ages and genders of you, your parents, your children, or grandchildren.
  3. E-mail addresses, user IDs, nicknames, and domain names should not include information such as your name, age, birth year, birth date, social security number, city, state, hobbies, emotional state, zodiac sign, or other information someone might easily find out or guess.
  4. Address, including home, work, or any other place you will predictably be found such as at school, attending social clubs, visiting health clubs, and so on. If city and state information can be combined with a piece of secondary information such as a local sports team name, local newspaper article about you (including birth, wedding, graduation, or death announcements) you may be very findable.
  5. Locations of others close to you, including parents, children, and friends.
  6. Phone numbers. This includes home, mobile phone, work number, or friend’s numbers.
    • Keep in mind that with caller ID, your number is exposed when YOU call someone as well. It is no longer enough to tell children not to give their phone number out. They also shouldn’t call or text message with people they don’t know.
  7. Passwords.  Choose strong passwords and don’t use the same password for all of your online activities; if that password is ever compromised, everything is compromised.
  8. Personal numbers. Bank accounts, credit cards, debit cards, PIN’s, phone calling card, SSN, passport, driver’s license number, birth date, wedding date, insurance policy numbers, loan numbers, VIN numbers, license plate, locker combinations, student ID, and more can help to identify you or put you at risk.
  9. Photos that make you or other family members or friends identifiable, or show locations such as your home, school, or place of employment.
  10. Information about others. Don’t place information about others online without first obtaining their express permission and ask your friends and family to do the same for you.  

To top

Sending and receiving e-mail

E-mail is short for electronic mail. People use e-mail to exchange messages and send and receive attachments such as photos, music, or videos. Unfortunately, e-mail's usefulness is undermined by spam (unsolicited messages trying to sell you something and spam scams that try to trick you out of your money (also known as phishing ).

Ten safety tips for sending and receiving e-mail

  1. Choose a safe e-mail address that doesn't give away personal information.
    • Pick one that doesn't help identify or locate you. For example, reveals enough for someone to find Susie-her name, age, and small town in Australia.
    • Avoid using flirtatious names like "2sexy4U" which may cause unwanted attention and expose you to greater risk.
  2. Make sure your full name is not exposed by your e-mail service by listing your full name on e-mail messages you send.  Your real name displays by default on many of the major e-mail services, so whoever you e-mail can see your full name as well as your e-mail address. Because a last name and an online people directory may be all it takes to locate your family, look up your phone number, and have a sense of your income bracket based on the location of your home, you may want to avoid having your last name display in your e-mails. Check your e-mail help to find out how to do this.
  3. Don't share sensitive personal information in e-mail.
    • Never share passwords, social security numbers, credit card information, and the like.
    • Pay attention if you use an automatic e-mail signature. This is a handy feature because it typically provides your full name, address, and phone numbers. But if it's inserted automatically in all your e-mail responses, you might unwittingly reveal more information than you intended to people you don't know, especially if your e-mail is forwarded to others.
  4. Consider who you want to e-mail with. Remember: a friend of a friend is a stranger. Just because someone sends you an e-mail doesn't mean you need to read it or respond to it. You may choose to block messages from specific senders, or restrict your e-mail from anyone not specifically on your contact list. Find the instructions for how to do this in your e-mail service help. Think twice before you open attachments or click links in e-mail-even if you know the sender.
    • If you don't know the sender, delete the message; if you do know the sender, double-check that an attachment or link is safe to open. If your friend doesn’t remember sending you the attachment, delete the message.
    • If anyone sends you inappropriate material, report it to your ISP (Internet service provider) or the police, if appropriate. Encourage your kids to tell you about anything they receive that upsets them.
  5. Don't be fooled by phishing. Be very skeptical if you receive an e-mail that looks like it is from your bank, broker, or other trusted company but asks you to verify or re-enter sensitive personal or financial information through e-mail, a Web site they direct you to, or a phone number they provide. It is quite likely a scam. Type in your own link to the bank or company or look up the phone number yourself.
  6. Avoid typing sensitive information into a public computer such as those found at the library or an Internet cafe. Sensitive information includes your name and phone numbers, account numbers and passwords, or home or e-mail addresses. An industrious thief might install a kind of spyware that records your every keystroke. Never select the feature that automatically logs you on to e-mail when you start the computer, or accept a "Remember My Password" option.
  7. Be cautious about meeting someone you know only through e-mail in person. Everything someone tells you about himself and his motivation for meeting you may be completely true - or completely false. If you decide to meet someone, never go alone, make sure others know where you're going, meet in a very public place, and keep your cell phone handy.
  8. Consider what you're saying and sharing in e-mail and how you would feel if the information was shared. Anything you say in e-mail can be forwarded to others or monitored by employers or other family members.
  9. Report e-mail harassment or bullying. As in real life, this is unacceptable behavior and in some cases, illegal. Report harassment or abuse to your service provider. (Every service should have a clearly visible Report Abuse function; if it doesn't, consider switching providers.) If you feel at physically threatened, report the abuse to your local law enforcement agency as well.
  10. Help protect children who are using e-mail.
    • For younger children, use a service that enables you to limit your child's contacts to people you both know and allows you to monitor who they're talking to.
    • Have a discussion with teens about who they communicate with and what they talk about. Set boundaries that match your family's values and your child’s age, reassessing these boundaries periodically as your child matures. Caution them not to list their e-mail addresses publicly, or respond to e-mail from strangers.



Teach them that entering sweepstakes or filling out quizzes that require them to enter their e-mail address is one of the quickest ways to have an e-mail alias sold to spammers. They should always guard their e-mail account information.

Send e-mail to a group safely

Any time you send or forward e-mail to a group of people who don't know each other, you can protect everybody’s identity by placing all the e-mail addresses on the Bcc (or Blind Carbon Copy) line of the message address feature. That way no recipient can see the other recipients’ e-mail addresses and your friends' e-mail addresses are protected from spammers.

Every e-mail program has a Bcc: option on its e-mail form (the place where you address and enter the content of a message). Search in your e-mail program's Help if you can’t find this feature readily.

Tip: You may also want to include a message like this at the bottom of your e-mail messages as a reminder:

Note: To protect my privacy, please do not expose my e-mail address to others. If you're sending e-mail to a group of people that includes me, please put my e-mail address on the Bcc: line only.

Creating safe e-mail aliases

The more pieces of information you provide in your online identity, the more clues you give predators of any kind – whether their intent is to cause financial, emotional, or physical harm. Your choice of an e-mail alias, such as is one way you can expose your identity. The safest personal e-mail alias or nickname (versus your work e-mail over which you have little control) for users of any age does not provide identifiable information, such as:

  • Names – first, middle, or last names
  • Age – birth year, birth month, or day; or any astrological sign that can help provide this information such as ‘Leo, born in the year of the Monkey.’
  • Location information – city, town, country, or region such as Northwest. Don’t give your school name or employer in your personal e-mail alias.
  • Sexual or physical suggestion – Certain words such as ‘hot’ or ‘sexy’ let others know how you want to be perceived, while words like ‘snuggly’ or ‘lonely’ suggest an interest in intimacy that predators can take advantage of.
  • Work descriptor – Teacher, engineer, dentist, or a description of your place of employment.
  • Emotional vulnerability – words such as sad, grieving, lost, suicide, and lonely place you at risk; there is always a criminal waiting to be your ‘best friend’.
  • Risk behaviors – names that speak of drug use (littletokr), criminal activity (carjacker), or violence.
  • Ethnic identifiers - may increase the risk of hate crimes, or may help identify you (Asiandoll, N8tive (native), and mixed, for example).
  • Hobbies or sports – An unusual sport such as polo or barrel riding, or sports that imply a specific socio-economic bracket, or are only done in a few locations (skeet shooting or bull fighting, for example) are more identifying than baseball or soccer. Predators can use such interests to make a personal connection with a victim.

NOTE: Employers or schools may have defined domains ( and assigned protocols for your name – even using your full name. It is important in these cases that you do not tie additional pieces of personal information to that account. 

Using multiple e-mail accounts

It is a good idea to have additional e-mail accounts if you sign up for newsletters, sign up for services that require an e-mail account, or communicate with groups where you may not know some of the members personally.

Using different e-mail accounts helps you compartmentalize your privacy and safety. If one account is breached, the others are still safe. On some sites you can use the e-mail account provided by the site (reputable services that involve communicating with other members, such as dating sites, should provide this feature). Using a separate account, if you connect with the wrong type of person, you can abandon the account without having to change your main e-mail account

Managing Spam

Spam is e-mail sent in bulk to recipients who have not requested it from senders they usually do not know. Spam can be transmitted over any Internet-connect device (such as a computer, cell phone, or PDA). Spam is a cheap way to market products or services, but it is illegal in many countries.

Nearly 70% of all e-mail traffic in the world is spam. In 2007 one study showed that there were 90 billion spam messages sent a day. While there are serious efforts by Internet service providers to block junk e-mail, determined spammers are making equally serious efforts to find ways to keep filling your inbox. They constantly evolve new methods of fooling the anti-spam filters.

Understand the anti-spamming capabilities of your e-mail provider and set up the service to flag spam or put it in a separate ‘junk mail’ folder. Review this folder periodically to make sure legitimate e-mail hasn’t been placed there, and then delete the spam e-mails without opening them. Stay up to date on spam tactics and, when in doubt about the origin or intent of an e-mail, delete it. If you really want to eliminate all spam, consider using an e-mail service that requires senders to authenticate themselves, something automatically generated spam can’t handle. There are several companies that offer this for a relatively low cost.

Always have strong anti-spam, anti-virus and anti-phishing tools installed and set to update automatically. Don’t open links or attachments from someone you don’t know (or even from someone you do know, if you weren’t expecting the attachment. Many viruses take over users address books and spam all of their friends with malicious attachments knowing you will be more likely to open an attachment from a friend).

Forwarding chain e-mails

An online chain letter may be amusing, or it may be dangerous. Many urge you to take some action online that makes you the target of a scam or forward the message to your friends. By forwarding a chain mail you may be helping spammers collect new e-mail addresses to target and sell to. Anyone whose e-mail address includes their full name or other identifying information, or who uses an e-mail service such as Hotmail or Yahoo! that expose full names as well as e-mail addresses, may also be exposing themselves to other types of crime.

If you choose to forward an e-mail to a group, do so safely. It is better to copy the content and put it in a new e-mail and delete the names of everyone previously on the chain. Place your e-mail address on the ‘To:’ line and place everyone else’s e-mail on the Bcc: line.

To top

Sending and receiving instant messages (IM)

Instant messaging (IM) used to be referred to as real-time e-mail. It used to only be synchronous, meaning that two (or more) parties communicate in real time, without any delay. IM programs now let you create a message that is held until the recipient(s) next comes online.

Today you can use IM to text, talk as if you were on the phone, send photos, videos, and other files, see participants via webcams, and get and send e-mail. Some IM services also allow you to search the Web, find others using Global Positioning System (GPS) technology, listen to music, watch videos, play games, bid on auctions, and more.

IM can be sent from a computer to a mobile phone or from a mobile phone to another mobile phone. If you have included your mobile phone number as part of your IM profile, then anyone who can see your profile will be able to view it. This is valuable information for a predator, so it is important to consider whether you want your number exposed, especially if there are many people on your contact list you do not personally know.  Teens often have a broader set of IM 'friends' they have never met, so it is important to discuss the safety of displaying their phone numbers with them.

Nine safety tips for instant messaging

  1. Choose a safe screen name that doesn't give away personal information.
  2. Understand that IM is not a secure communication channel so you should not share sensitive personal information when you use instant messaging.
    • Never share passwords, social security number, credit card information, and the like.
    • Be careful about the information you show in your status bar. Avoid showing emotional vulnerabilities to people you don't know well, or saying you're on vacation, etc. as these can be useful pieces of information to people who want to exploit or steal. Most services allow you to keep your online status private, so you simply appear to be offline.
  3. Consider who you want to use IM with. You create ‘buddy lists’ in instant messaging programs and enter the online addresses of people with whom you want to exchange instant messages. Most services allow you to block messages from anyone not on your buddy list. Most adults know everybody on their buddy list, but this isn’t the case for teens who may be less selective. Often one-third of a teen’s buddies may be people they’ve never met. Remember: a friend of a friend is often a stranger.
  4. Sending photos, documents, and links in IM is an easy and convenient way to share with others. However, you should think twice before you open attachments or click links in instant messages unless you know the sender and are communicating with that person at the time, or are expecting the material. Links or attachments sent out of context may indicate that the sender’s IM has been infected with a virus.
  5. If anyone sends you inappropriate material, report it. If you need to document the material, don't shut down the computer; instead minimize the application or turn off the monitor and seek advice on how to report the occurrence. Inform your ISP and the police, if appropriate. NOTE: if the material is illegal content – like child pornography - downloading or continuing to view this for ANY reason is illegal.
  6. Be cautious about meeting someone you only know through IM in person. If you decide to meet someone, never go alone, meet in a busy public place, make sure others know where you're going and when to expect to hear from you. Always have your cell phone handy.
  7. Think about how to use the IM features safely. For example, some IM games may contain mature material, and you may want to limit voice and video interactions with people you haven't met. Kids should be advised to never give their online friends remote access to their computer via IM.
  8. Consider what you're saying and sharing in IM and how you would feel if the information was made public. Anything you say in IM can be forwarded to others. If you are at work it can be monitored by your employer.
  9. Report harassment or bullying to your service provider. As in real life, this is unacceptable behavior and in some cases can be illegal. Every service should have a clearly visible Report Abuse function; if it doesn't consider switching providers. If you feel physically threatened, contact your local law enforcement agency immediately.

Protect children using instant messaging

Here are some tips to help keep younger children and teens safer when they use instant messaging:

  • For younger children, use a service that allows you to limit your child's contacts so they can only send IM to people you both know and monitor who they're talking to. 
  • Have a discussion with teens about who they communicate with and what they talk about. Set boundaries that match your family's values and their age, reassessing these boundaries periodically as they mature.
  • Caution them not to list their IM names publicly, or respond to IM from someone they don't know personally. In your instant messaging program look for options to set your profile as private, and manage who is allowed to send you instant messages.
  • ‘Friends of friends’, or social networking, is all about connecting people with common interests. Limiting access to your information is harder using this approach and tracking or stalking you is far easier. Approving someone to be a friend may give that person far-reaching access to information, one of the real concerns about adding strangers to your buddy list or social networking list.

To top