Twitter users warned over photos of debit cards

Security experts are warning users to take care when Tweeting photos containing bank cards.

Sophos said that users have been leaving themselves open to account theft by posting images of their bank cards to Twitter, leaving details such as names and account numbers publicly viewable and potentially vulnerable to harvesting and account theft.

The images are often posted by users who have recently found or cut their cards, but will often leave sensitive information partially or fully visible.

Sophos Naked Security blog writer Anna Brading noted that even if the number itself is not usable, cybercriminals could use the collected information as a starting point for larger, more extensive fraud operations.

"Putting up a picture which features all your bank card information is like giving thieves a good chunk of your identity jigsaw puzzle," Brading explained.

"If someone who had seen your photo then decided to follow you - and look you up on other social networking sites - they could start to build up more details about you and add missing pieces to the puzzle."

To help shed light on the issue and encourage users to adopt better practices on Twitter, an anonymous user has set up the @needadebitcard feed. Designed to notify and shame users who put their information at risk, the feed collects and retweets user photo postings which contain debit card information.

Social networking sites have long posed security risks for both individual users and businesses. The personal nature of such services often leads to lapses in security practices and allows users to unintentionally share sensitive information with outside parties.