As the business world adapts its customer service strategy to include social media, there can be the unintended benefit of allowing scam artists an opening into the private lives of customers. More and more companies (including Citi) are reaching out to customers who mention them on Twitter or on industry blog sites. But just because somebody may reply to your Tweet or call you on the phone and mention your comment doesn't mean you should let your guard down.
Whether you are a long-time user of social media or new to using social media to take care of your personal finance, we thought we would put together a few tips on how to protect yourself from those looking to acquire your personal information:
1. Never put your account number, social security number or any other personal identifiable information in a comment on a blog, Twitter post, Facebook status, message board or any other forum where others can see it. There are people out there who spend their days just looking for somebody to make that mistake, and it can be a costly one if your information falls into the wrong hands.
2. Citi maintains several Twitter accounts, including @Citi and @AskCiti. On each of the Citi-maintained accounts, you will see the official "Verified Account" status of the account. If you do not see that "Verified Account" status, do not respond.
3. If you receive a Tweet or Direct Message from a Twitter account claiming to be affiliated with Citi, do not provide any account information. No Citi-affiliated Twitter account will ever ask for personal account information. Also, we will not ask for that information over e-mail or any other unsecured electronic channel.
The Federal Trade Commission maintains a couple of sites with good information about protecting your information at http://www.onguardonline.gov and http://www.ftc.gov/bcp/edu/microsites/idtheft/index.html. (Note: These are government sites and not Citi affiliated.) As we go into a future where social media will be used in more and more ways, it's important to understand the risks and have the information to combat any attempts to compromise your information security.