In a year, the number of online U.S. households using social networks such as Facebook and MySpace has nearly doubled, expanding online opportunities for criminals.

According to Consumer Reports’ latest State of the Net survey, many social-network users are naive about the risks of posting information on these sites. The survey found that 40 percent of social-network users had posted their full birth date, exposing themselves to identity theft.

Using social networks increases the risk for becoming a victim of a cybercrime. Within the past year, CR found that 9 percent of social-network users experienced some form of abuse, such as malware infections, scams, identity theft or harassment. Cybercrime is costly — CR estimates that Americans have spent $4.5 billion over the past two years and that it has caused them to replace 2.1 million computers.

Seven things to stop doing on Facebook

• Using a weak password. Avoid simple names or words that can be found in a dictionary, even with numbers tacked on the end. Instead, mix upper- and lower-case letters, numbers and symbols. A password should have at least eight characters. One good technique is to insert numbers or symbols in the middle of the word.

• Listing a full birth date. Listing a full birth date — month, day and year- can make someone an ideal target for identity thieves, who can use it to obtain more personal information and potentially gain access to bank and credit card accounts. Choose to show only the month and day or no birthday at all.

• Overlooking useful privacy controls. Facebook users can limit access for almost everything that is posted on a profile from photos to family information. Consider leaving out contact info, such as phone number and address.

• Posting a child’s name in a caption. Don’t use a child’s name in photo tags or captions. If someone else does, delete it by clicking Remove Tag. If a child isn’t on Facebook and someone includes his or her name in a caption, ask that person to remove the name.

• Mentioning being away from home. Doing so is like putting a “no one’s home” sign on your door. Be vague about the dates of any vacations.

• Being found by a search engine. To prevent strangers from accessing a profile, go to the Search section of Facebook’s privacy controls and select Only Friends for Facebook search results. Be sure the box for Public Search isn’t checked.

• Permitting youngsters to use Facebook unsupervised. Facebook limits its members to ages 13 and older, but children younger than that do use it. If there’s a young child or teenager in the household who uses Facebook, an adult in the same household should become one of their online friends and use their email as the contact for the account in order to receive notification and monitor activity.

Security software

CR’s State of the Net survey found that 40 percent of online U.S. households had at least one virus infection in the past two years, so it’s important for consumers to protect their computers with security software. Although almost all new PCs come with a free trial version of a subscription security suite from a company such as Symantec or McAfee, CR’s latest tests confirm that consumers can skip paying for these programs and still be safe online.

Avira AntiVir Personal 9 (free-av.com) offers ample protection for most — free of charge — and was among the best anti-malware programs, but it persistently tries to sell you its untested $27 pay version, which adds some features. Microsoft Security Essentials (microsoft.com/security_essentials/default.aspx) is also free, yet less obtrusive. Although its score is lower overall compared to Avira, Microsoft’s program was a little better at identifying websites that host malware.