Social networking sites (SNSs) have revolutionized traditional information-sharing methods. They are mostly built on an individual’s offline social circle and they provide users with a wide variety of virtual interaction mechanisms. Such sites and applications have become important communication platforms that are integrated into the daily life of many users. However, they have also blurred the line between users’ offline and online lives and created the illusion of familiarity and intimacy over the web, which may have resulted in the sharing of a significant amount of personal information that users might have preferred to remain private. The technology of social networks is a double-edged sword. Although it can provide great benefits to its users, it comes with a huge price and responsibility: users’ privacy. SNSs users are not just the source of information; they are also the targets. They leave digital footprints during their visits to those websites and mobile applications, where privacy breaches and identity theft cases are increasing at an alarming rate. Users are vulnerable to privacy breaches from many different entities. They can come from SNSs service providers, third party applications, other users from SNSs users’ social networks, or other malicious attackers. However, privacy protection responsibility lies primarily with the individual user and often depends on users’ levels of personal information disclosure and knowledge of protection methods. The sharing of personal and identifying details such as gender, age, education, location, address and other personal information such as personal and family photographs can assist in establishing an identity that can be easily stolen and used by criminals. Identity theft criminals exploit the lack of awareness of SNSs users to gather personal information that has been freely supplied by the user. The purpose of this research is to assess the intensity of this problem by identifying SNSs users’ personal information disclosure levels, the kinds of information that they reveal, the degree to which they expose personal information to the public, the privacy settings they apply and their level of knowledge and awareness about how their information is protected by SNSs service providers. In addition, this research studied the effects of gender, age, education, and level of privacy concern on the amount and kind of personal information disclosure and privacy settings applied. Two methods of data collection were used. Firstly and primarily, an online survey was used to collect information about users’ behaviour on SNSs. The secondary method was a social experiment that tested SNSs users’ reactions to profile access requests by a stranger. The research focused on four different social networks: Facebook, Twitter, Instagram, and Snapchat. The survey showed that there was a significant amount of disclosure of personal information; however, it differed from one social network to another. Facebook had the highest level of information disclosure, whereas Twitter had the lowest amount of information disclosure compared to the other networks. The research revealed that gender, age, and education had significant influences on information disclosure and users’ privacy settings. In general, males, young people between 16-24, and high school students showed reckless and very identifying behaviour on SNSs that might comprise their privacy and, in the worst cases, their safety, as they become more vulnerable to attacks from identity thieves and other malicious entities. The findings of the social experiment indicated that the majority of Facebook, Instagram, and Twitter users were likely to accept complete strangers into their personal private profiles. The study concludes by offering recommendations and guidelines that may provide a safer browsing experience for social network users.