This is a cut n paste from a quick n dirty guide I wrote for some of my less than techy friends on Facebook some months ago. I claim props (I am so sad it hurts).
I'll post some here for anyone who's interested in securing Facebook, although I don't pretend that it is a complete and perfect solution, just better than doing nothing.
I am sure many of you have got random friend requests from apparent complete strangers without any form of explanation at all. I am also sure that you would not automatically add said strangers to your “friends” without reason. However some people feel awkward at rejecting friend requests even from complete strangers. This is of course what these people are relying on to get information. Other than that Facebook allows people to see information from your profile if you message them back asking them such logical things as “Who are you?” Facebook grants this access to them for 1 month and if you haven’t changed your privacy settings this is as good as adding them to your friends list. This is also what these people are relying on. Finally the Facebook search listing system is quite powerful and discloses enough information about you on default settings to be a concern particularly for people searching within a Network.
Firstly on your profile at the bottom of your page click the button “Public Listing” then cut n paste that URL / Address into your browser to see what information you are giving out when people search for you. This by default is often too much information so click “Return to Search Privacy” on that screen. You don’t need to limit who can search for you or who can view your public listing otherwise people won’t be able to find you if they are not already friends and this will stop you being able to be re-united with old friends. Instead you just change what people can see when they do search for you. However I would take a tick out of the box “Allow my public listing to be indexed by external search engines” as there is just no need or advantage to that option. At the bottom of the page is a section called “What Can People Do With My Search Results”. I would suggest that the only thing they need to be able to do is “See your picture” & “Send you a message” so take ticks out of every other box. They don’t need to see your friends, you should only let people you like POKE you (hehe) and you can add them as a friend later. Don’t forget to click SAVE at the bottom of the page. Now when people search for you they will only be able to search on Facebook and only have access to the minimum of information they need to contact you and nothing else. You can check to make sure it works by looking at your public listing as in the beginning of this whole thing, you should see a much safer search listing / public listing.
The next thing you may want to change is your privacy settings for your “Poke, Message, and Friend Request” so start by clicking “Privacy” in the top right on your profile screen and then on the screen that follows “Poke, Message, and Friend Request”. This bit is simple, just take a tick out of every box except “Basic Info” and then click SAVE at the bottom of the page again. This will increase your privacy when you reply to messages or poke someone who isn’t on your friends list. It is useful as sometimes you may receive a message from someone and you may not be sure who they are so you may want to message them back, but in doing so Facebook will grant them one month's access to your profile. This option will limit what access they have during this one month to what they actually just need to speak to you and nothing else. This will defeat the secondary method people use to obtain access to your full profile as otherwise if you reply without changing these options they gain nearly as much information for a whole month as they would by being on your friends list. Therefore you can message them back with more confidence you aren’t giving them private information.
The final thing I would recommend you change in your privacy settings is who can see what in general. You do this by going again to the “Privacy” in the top right on your profile screen and then on the screen that follows “Profile”. On this screen just change everything to “Only My Friends” in the entire list of drop down boxes present on the screen and then click SAVE. This is obvious as it will mean that only your friends will be able to see these items on your profile as opposed to everyone or strangers in your network. If you prefer to have some elements of your profile shown to non friends / strangers then select the relevant option on each of the drop downs but be careful which you choose as people you don’t know will be able to see this information by dint of just being in your network.
There are other things you can change such as your limited profile and application privacy settings but there are other notes around on this and if you need them then just shout up. I will assume that if you know about your limited profile then you will be comfortable enough with computers and Facebook not to need a “How to” guide like this.
Disclaimer – The above will help you improve your security and privacy but I don’t claim to be an expert on Facebook so if this really bugs you use the Facebook Help Options for detailed information. This guide is just designed to firstly make you think about security / privacy and take some basic steps to securing / improving yours if you haven’t already.
Caring but sad, I need to get out more