What is screen scraping?

Screen scraping is the act of taking all the information that a person has posted on their Web site or social networking page and then using the information to break into the user’s account or to commit some other fraud involving identity theft.

Social networking Web sites such as Facebook have grown exponentially in the past few years, and it’s not uncommon for people to post personal pictures and reveal personal information about themselves. People often prefer Facebook to traditional blogs because information is usually only available to people that they choose. However, if cybercriminals gain access to your Web site or social networking page, they can use screen scraping to steal your information and can pose as you. For more information about this type of scam, see Scammers exploit Facebook friendships.

You can use strong passwords and learn techniques to avoid social engineering scams, but the best way to prevent the negative effects of screen scraping is to minimize the amount of information that you post online.

Here are a few tips:

·         Do not post anything online that you would not want made public.

·         Minimize details that identify you or your whereabouts.

·         Keep your account numbers, user names, and passwords secret.

For more information, see the following articles:

·         Protect your privacy on the Internet

·         Your information on the Internet: what you need to know

·         How to reduce the risk of online fraud

·         Help protect yourself against phishing scams and identity theft

About the Author
Eve Blakemore

Group Manager, Trustworthy Computing

Eve Blakemore is a Group Manager for Trustworthy Computing who delivers consumer guidance around the latest trends in security and privacy. Eve joined Microsoft in 1998 and has worked in corporate and field roles with Microsoft Learning, US Public Sector, Read more »

Join the conversation

  1. Anonymous

    I have been informed from a fb friend that if the browers indicates http: and not https: that my security is compromised. Is this true and how do I correct?

Comments are closed.