Protecting Your PII: What You Should Never Post on Social Media

A professional posts their resume on LinkedIn. It includes their full home address, phone number, and date of birth. Within 48 hours, they receive:

• 12 spam calls
• 3 phishing emails claiming to be from recruiters
• 1 attempted identity theft

All from a single LinkedIn post.

This is the reality of PII (Personally Identifiable Information) exposure on social media. And most professionals don't realize they're doing it.

What Is PII (And Why Should You Care)?

PII (Personally Identifiable Information) is any data that can be used to identify, contact, or locate a single person. This includes:

Obvious PII:

• Full name + date of birth
• Social Security Number (SSN)
• Phone numbers
• Email addresses
• Home address
• Driver's license number
• Passport number
• Credit card numbers
• Bank account details

Less Obvious PII:

• Mother's maiden name
• Place of birth
• Full date and place of birth combined
• Medical records
• IP addresses (in some contexts)
• Biometric data (fingerprints, facial recognition)
• Employment history + personal details combined

The PII Exposure Crisis on Professional Social Media

A 2025 study of 10,000 LinkedIn profiles found:

• 42% included phone numbers publicly
• 28% included personal email addresses
• 15% included home addresses (via resume uploads)
• 8% included dates of birth
• 3% accidentally exposed SSN or financial data

The average professional unknowingly exposes 3-4 pieces of PII on social media that could be used for identity theft or fraud.

The 7 Types of PII You Should NEVER Post Publicly

1. Phone Numbers

Why It's Dangerous: Once your phone number is public, expect:

• Spam calls and texts
• Phishing attempts ("Hi, this is your bank...")
• SIM swapping attacks (hackers steal your number)
• Robocalls selling everything from insurance to crypto scams

Where People Accidentally Post It:

• LinkedIn "Contact Info" section set to public
• Resume PDFs uploaded to social media
• Email signatures in screenshot shares
• "DM me for details" posts with phone number

The Fix: Use LinkedIn's messaging system or a business phone number/Google Voice number for public sharing. Keep your personal number private.

2. Home Address

Why It's Dangerous: Your home address can be used for:

• Identity theft (combined with other data)
• Physical stalking or harassment
• Swatting attacks
• Targeted phishing ("A package was delivered to 123 Main St...")
• Public records searches revealing financial data

Where People Accidentally Post It:

• Resume PDFs on LinkedIn
• "Meet me at..." posts with full address
• Photos with address visible in background
• Business registration documents shared publicly

The Fix: Use a P.O. Box or coworking space address for business purposes. Never include home address on public documents.

3. Date of Birth

Why It's Dangerous: Your birth date is used for:

• Identity verification for banks, credit cards, government services
• Password reset security questions
• Age verification for accounts
• Combined with name, it's a key piece for identity theft

Where People Accidentally Post It:

• LinkedIn profiles (many people fill this in thinking it's private)
• Birthday posts tagging you
• "Happy Birthday!" comments revealing the exact date
• Old social media posts from years ago

The Fix: Set birthday to private on all platforms. Ask friends not to post specific dates publicly.

4. Social Security Number or Government IDs

Why It's Dangerous: This is the golden ticket for identity theft. With your SSN, criminals can:

• Open credit cards in your name
• File fraudulent tax returns
• Access medical records
• Apply for loans
• Commit government benefits fraud

Where People Accidentally Post It:

• Screenshots of documents (tax forms, W-2s, etc.)
• Photos of ID cards for "verification" or "proof"
• Accidentally included in shared spreadsheets or PDFs
• Visible in background of photos

The Fix: Never, ever post documents containing SSN. Redact SSN before sharing any documents electronically.

5. Financial Information

Why It's Dangerous: Credit card numbers, bank account details, or financial statements can be used for direct theft and fraud.

Where People Accidentally Post It:

• Screenshots of transactions or receipts
• Bank statements with account numbers visible
• Credit card photos for "proof of purchase"
• PayPal/Venmo transactions set to public

The Fix: Always blur or redact financial information. Set payment apps to private.

6. Email Addresses (Personal)

Why It's Dangerous: Your personal email is the key to your digital life:

• Password reset links for all your accounts
• Primary phishing target
• Spam list goldmine
• Data breach crossreferencing

Where People Accidentally Post It:

• LinkedIn "Contact" section set to public
• Email signature in forwarded messages shared as screenshots
• "Email me at..." posts
• Contact forms or registrations shared publicly

The Fix: Use a dedicated business email for public sharing. Keep personal email private.

7. Mother's Maiden Name & Security Question Answers

Why It's Dangerous: These are common security questions for:

• Password resets
• Banking verification
• Government services
• Healthcare portals

If someone knows these, they can bypass security.

Where People Accidentally Post It:

• Family tree posts ("Celebrating the Smith family!")
• Old "fun facts about me" posts
• Ancestry/genealogy sharing
• High school reunion posts mentioning maiden names

The Fix: Don't share family history details publicly. Use fake answers for security questions.

The LinkedIn Resume Trap

One of the most common PII exposures happens when professionals upload resumes to LinkedIn.

What's Often Included (But Shouldn't Be):

Dangerous Resume Information:

• Full home address
• Personal phone number
• Personal email
• Date of birth
• References with contact info
• Social Security Number (on some old formats)

How to Share a Resume Safely:

1. Create a "Public" Version with only:

   • Name
   • LinkedIn URL
   • Professional email (not personal)
   • City, State (not full address)
   • Work history and skills

2. Remove All PII:

   • No phone number (use LinkedIn messaging)
   • No home address
   • No birth date
   • No references

3. Use LinkedIn Features Instead:

   • Fill out your profile completely
   • Use "Open to Work" badge
   • Let recruiters message you directly

The Photo Metadata Problem

Did you know? Photos you post can contain hidden PII in the metadata (EXIF data).

What EXIF Data Reveals:

• Exact GPS coordinates where photo was taken
• Date and time
• Camera model and serial number
• Sometimes: your name (if set in camera settings)

Real-World Example:

A professional posts a photo from their "home office." The EXIF data reveals their exact home address. A stalker uses this to find their house.

The Fix:

• Remove EXIF data before posting (use tools like exifremove.com)
• Disable location tagging on your phone camera
• Use social media apps (they usually strip EXIF automatically)
• Never post photos showing street signs, house numbers, or unique landmarks near your home

How Criminals Use Your PII

Understanding how PII is weaponized helps you protect it:

Attack Method #1: Credential Stuffing

Criminals take your leaked email/password from one breach and try it on hundreds of other sites (banks, social media, work accounts).

Prevention: Unique passwords for every account. Use a password manager.

Attack Method #2: Social Engineering

Scammers call pretending to be your bank: "Hi [Your Name], we need to verify your account. You live at [Your Address], right? And your birthdate is [Your DOB]?"

Because they already have your PII from social media, you think they're legitimate.

Prevention: Never confirm PII over the phone. Hang up and call the official number.

Attack Method #3: Identity Theft

With enough PII (name, DOB, SSN, address), criminals can:

• Open credit cards
• File tax returns to steal refunds
• Access medical care
• Rent apartments
• Apply for loans

Prevention: Monitor your credit report, freeze your credit, limit PII exposure.

Attack Method #4: Targeted Phishing

"Hi [Your Name], I see you worked at [Company]. I'm looking to hire someone with your experience in [Your Skills]. Can you fill out this form?"

The form asks for SSN, DOB, etc. You think it's a real recruiter because they knew your work history.

Prevention: Verify recruiter identity independently. Never give PII via forms.

How to Audit Your Social Media for PII Exposure

Step 1: Search Your Name + "Phone"

Google: "[Your Name] phone number"

See what comes up. Remove any public listings.

Step 2: Check LinkedIn Privacy Settings

LinkedIn → Settings → Data Privacy → Manage → Who can see your connections, email address, phone number

Set everything to "Only You."

Step 3: Review Old Posts

Search your social media history for:

• Birthday posts
• Address mentions
• Phone numbers
• Email addresses

Delete or edit.

Step 4: Check Photo Metadata

Download a few photos you've posted. Check EXIF data. If it contains GPS coordinates, remove metadata from all future posts.

Step 5: Google Yourself

Google: "[Your Full Name] [Your City]"

See what public information is available. Request removal from people search sites like Whitepages, Spokeo, BeenVerified.

How SimaraGuard Protects Your PII

SimaraGuard scans your LinkedIn posts and Gmail emails BEFORE you send them, detecting:

• Phone numbers in any format
• Email addresses
• Home addresses
• Social Security Numbers
• Credit card numbers
• Dates of birth
• Other sensitive patterns

How It Works:

1. Write your LinkedIn post or email
2. Click "Check with SimaraGuard"
3. Get instant PII detection warnings
4. Remove or redact sensitive info
5. Post/send safely

What To Do If You've Already Exposed PII

Immediate Actions:

If you exposed your phone number:

• Change privacy settings
• Delete the post
• Consider getting a new number if spam becomes unmanageable
• Use call screening apps

If you exposed your address:

• Delete the post
• Monitor for suspicious activity (mail theft, strange visitors)
• Consider a credit freeze
• Opt out of people search sites

If you exposed your SSN:

• THIS IS CRITICAL: Immediately freeze your credit with all 3 bureaus (Equifax, Experian, TransUnion)
• File a report with IdentityTheft.gov
• Monitor your credit reports monthly
• Consider identity theft protection services

If you exposed financial info:

• Contact your bank immediately
• Cancel compromised cards
• Change all banking passwords
• Enable 2-factor authentication

PII Protection Checklist

Before posting anything on social media:

• Does this contain my phone number?
• Does this contain my home address?
• Does this reveal my exact date of birth?
• Does this contain financial information?
• Does this contain my personal email?
• Could someone use this info to verify my identity at a bank?
• Does the photo contain EXIF data with my location?
• Am I sharing a document that might have hidden PII?

If you answer YES to any of these, remove the PII before posting.

Conclusion: PII Protection Is Career Protection

Your PII is valuable. To criminals, it's currency. To you, it's your identity, your reputation, and your financial security.

Remember:

• Once PII is public, you can't take it back
• Identity theft can take years and thousands of dollars to resolve
• Prevention is easier than recovery
• Tools like SimaraGuard can catch what you miss

Protect your PII like you protect your passwords. Because in 2026, they're equally valuable.

---

Want automatic PII detection before you post? Install SimaraGuard and protect your privacy on LinkedIn and Gmail.