Wednesday, August 15, 2007
Adding strangers as 'friends'
A new study found that Facebook users may need to take their personal privacy more seriously - also that there seems to be some confusion about who is and isn't a friend there. It doesn't appear to have been that scientific a study, but the methodology is interesting: IT security firm Sophos "created a fake Facebook profile, under the name 'Freddi Staur' ('ID Fraudster' with the letters rearranged), and randomly requested 200 members to be friends with 'Freddi'," CNET reports. "Out of those 200, 87 accepted the friend request and 82 of those gave 'Freddi' access to 'personal information' such as e-mail addresses, dates of birth, addresses and phone numbers, and school or work data. Presumably, the other five had restricted 'Freddi' to limited profile access, which many users select for bosses, parents, or people they don't know in real life." Sophos says that, although it's unlikely this behavior will result in theft, this is the kind of fuel phishers seek for their social engineering (manipulation). BTW, I admit to a bit of that friending confusion - I have a Facebook profile and get friend requests all the time from people I don't know personally, and I confess to feeling kind of mean and unfriendly if I ignore them. If an online-safety advocate feels that way….
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment