You may think you are being kind, but it could turn into something sinister. Picture: Supplied

WISHING a friend happy birthday on Facebook could get your account hacked and your private info stolen, a new survey has found.

The innocent greeting, combined with other Facebook posts, could allow scammers to glean enough about you to snatch your payment details and other sensitive data.

A whopping 83 percent of people surveyed by Nationwide aged 16-25 said they knew of friends who "overshared" online.

These hardcore social media users "post constantly" and "keep very little secret," according to the building society.

They share things like their relationship status, health and political beliefs, and holiday updates, which are known to put your home at risk of burglary.

Goldmine for hackers

Worse still, 56 percent of respondents said their friends often share their current location.

These types of revealing posts are a goldmine for hackers on the hunt for private info on Facebook's 2.2 billion users.

And they've led to a spate of profile hijackings, with one in five people revealing they've had their social media accounts hacked.

Around a quarter of users said they'd had their profiles snatched because they clicked on a link their friends sent them that wasn't genuine.

Once a hacker gains access to your account, all bets are off.

They can view any information you've posted online, even if your privacy settings are on maximum. Hackers can then use this to get hold of bank details and other sensitive data, according to Nationwide.

Make sure it doesn't fall into the wrong hands

Of those respondents who said they'd been hacked, 11 percent said either themselves or a friend has lost money as a result and 11 percent had their account duplicated.

"Social media is a great way for people to connect with friends or family, but it's important to think about the information you are sharing with others, so it doesn't fall into the wrong hands," said Stuart Skinner, director of fraud at Nationwide.

He continued: "Wishing someone a happy birthday or sharing your location may seem innocent enough, but fraudsters can piece together information from various places, collecting enough to defraud people.

"To protect yourself, check privacy settings so only vetted friends can see updates, don't give away too much information or anything you wouldn't want a fraudster to see, have a strong password that doesn't use any of your personal information and stop and think before sharing."

This story originally appeared on The Sun and has been republished with permission.