Topmail Blog

Security Features, Announcements and Updates

— 3 min read

Can a simple social login jeopardise your privacy and online security?

Don't let your data fall into the wrong hands when using Google or Facebook to login to other services

There are over 1.59 billion users of Facebook worldwide and over 900 million registered Gmail accounts. If you, like so many others, have a social media account and/or use a free email service such as Gmail then you inherently have a vast amount of personal information stored (and sold) online. Your information becomes a product to which companies, such as Facebook and Google, sell to other business so as to target you with adverts.

Having such volumes of personal information online not only leaves you open to direct marketing from companies looking to push products and services at you, it also provides an opportunity for your personal data to fall into the wrong hands, very easily!

A short but powerful video released by CIFAS UK, who are a not-for-profit company working to protect businesses, charities, public bodies and individuals from financial crime, highlights the vast amount of information a company can gain from you from a simple “Like” of their business page. See their #Datatogo video below which has gained over 200,000 views in its first 2 days of being uploaded:

As you can see from the video, the people are quite amazed at the basic private information that the coffee shop could pull within minutes of a simple “Like” to their business page. Now imagine, if you are one of the 900 million people who use Gmail or another free email service, the personal data they could pull on you is enormous. They have access to read and monitor everything you send and receive through your account, regardless to how personal or sensitive that information may be.

You might ask yourself at this point, how could your personal information fall into the wrong hands if it’s left in the trusted hands of Google? Well the answer is quite simple. In an effort to have a more seamless and time reduced journey through the internet users have become more accustomed to using the “Social Log-in” option when signing up to a new service or app.

Logging in to a website using a service such as Google allows the website to make a request for data about you. The exact data that the website is requesting pops up in a window asking for permission. Saying yes to that request adds one more tiny bridge between the virtual islands of your online self.

This seemingly small agreement can carry larger repercussions. Linking two or more sites allows companies to collect more data, building an increasingly rounded profile about you. Allowing one account to have access to others means that if the least secure account is hacked, the rest of your data could also be compromised.

The benefits of sailing smoothly past log-ins and account registrations often mean we’re happy to trade away some data privacy. Two things to take note of if you do decide to log in using your Gmail account:

  • Be aware that if you choose to log in with your account, some of your data will be shared between your account and the third-party app or website.

  • Never use your main account to log in to a site whose security you don’t trust.

Don’t underestimate the amount of information that your free email service provider has on you. The service is “free” because you are the product which is being sold to generate vast amounts of income. If you value your privacy then you should really consider using a private and secure email service and refrain from using the social log in option, in particular with websites to which you have no prior knowledge of or don’t trust.