5 tips to protect your online student profiles

City College cybersecurity professor offers expert strategies to maintain privacy online

Byline photo of Venkateswar Rao Vadlamudi

Venkateswar Rao Vadlamudi, Multimedia Journalist

November 5, 2025

City College student Gabriel Vasquez views his online profiles at San Diego City College, Friday, Oct. 10, 2025. Photo by Venkateswar Rao Vadlamudi/City Times Media

San Diego City College students rely on social media for everything from shopping and finding information to staying connected with friends, habits that make cybersecurity safety tips from one City College professor more relevant than ever.

“Students are prime targets,” Professor David Kennemer, director of the computer information systems program at City, said. “Students often list their university, major and class schedules publicly.”

A simple social media app update can reset privacy settings to public defaults, exposing personal information.

“A post about your pet’s name or your college becomes the key to building trust in a fraudulent message,” Kennemer said.

Story continues below advertisement

Personal information allows scammers to create highly targeted phishing attacks. Phishing attacks are when fraudsters impersonate legitimate organizations to trick you into sharing sensitive data like passwords or credit card numbers.

Kennemer warned that fraudsters might pose as college administrators, financial aid officers or even classmates, using details from social media to make their requests for login credentials or payments appear legitimate.

With phishing scams and digital fraud on the rise, student users are at risk of data breaches. The San Diego Community College District’s IT department now requires multi-factor authentication for all student accounts.

Kennemer suggests five tips for securing user data.

1. Check privacy settings after every app update

In today’s digital world, updates occur regularly. It’s left to the consumer to check their digital privacy settings regularly.

“Application updates often restore default privacy configurations,” Kennemer said.

These defaults typically maximize data visibility for the company. Students must proactively review and adjust these settings following any software change.

“You have to go back to privacy settings frequently,” Kennemer said.

A single update can alter permissions previously restricted. Consistent verification is the only way to maintain a preferred level of privacy. This practice ensures personal information remains protected.

Failing to do so can inadvertently expose data. Make it a routine to manage digital life.

2. Use a web browser, not the mobile app

A web browser is the preferred method for safely accessing the web and provides access to a platform’s complete data usage policies.

Mobile applications often present abbreviated or simplified terms of service. The full legal documentation is typically available on the company’s website.

“You might have to go into a web browser … to find out exactly how they are using your data,” Kennemer said.

Important details about data use are often hidden. Checking on a computer gives a clearer view and helps students understand how their data is used and how to give informed consent.

3. Enable multi-factor authentication

The multi-factor authentication process requires a second form of verification after entering a password. This is often a code sent to a phone or generated by an app. In the event a password was compromised, the account would remain secure.

Kennemer said enabling multi-factor authentication is the most important security step available to users.

It adds a critical layer of protection beyond just a password. Every major online platform now offers multi-factor authentication.

“Students should enable it for their email, social media and financial accounts. It is a simple step with a substantial security payoff,” Kennemer said.

4. Separate email address for social media

Students should create a unique email account used exclusively for social media. This isolates primary personal emails from a professional email address.

This strategy minimizes spam and phishing attempts in the primary inbox. It also limits the damage if a social media account is compromised. Hackers cannot use that email to target other critical online accounts.

This separation is an important way students can protect their privacy.

5. Change passwords regularly

Students are encouraged to change passwords regularly and avoid reusing them across all platforms.

Kennemer advised students to operate under the assumption that nothing is private. Any digital communication or post could potentially become public. This mindset encourages more thoughtful and cautious online sharing.

Proactive measures are necessary in the modern digital landscape.

Total privacy is difficult, if not impossible, to guarantee, and these practices reduce risk but do not eliminate it entirely. For more information about how to keep your data safe, visit sos.fbi.gov/en/students.

View the video, “Essential Tips for Online Privacy Protection” to learn more.

The story was edited by Chrisdan Peralta, Tresean Osgood, David J. Bohnet and Itzel Martinez.

Donate to City Times

Your donation will support the student journalists of San Diego City College. Your contribution will allow us to purchase equipment, cover the cost of training and travel to conferences, and fund student scholarships. Credit card donations are not tax deductible. Instead, those donations must be made by check. Please contact adviser Nicole Vargas for more information at [email protected].