Many Facebook Users Compromise Own Identities

Careless consumers make identity theft easy, study finds

By Mark Huffman
ConsumerAffairs.com

August 20, 2007

• RFID Eyed as Anti-Shoplifting Tool
• Internet Providers Admit to Monitoring Customers' Web Surfing
• Big Brother Hitching A Ride in California?
• GAO: Government Can Do More to Protect Personal Data
• US Search Agrees to Stop Selling Private Credit Data
• TSA Site Left Passenger Data Exposed To ID Theft
• Connecticut Governor Wants 'Opt Out' For Online Directories
• Verizon Gave Customer Data To Government Without Court Orders
• House Democrats Probe Warrantless Surveillance
---
• More Privacy News ...

Not all case of identity theft come from stolen notebook computers or vulnerable computer networks. Computer security firm Sophos says many members of the social networking site Facebook fail to take simple steps to guard against identity theft.

Compiled from a random snapshot of Facebook users, Sophos's research shows that 41 percent of users, more than two in five, will divulge personal information - such as email address, date of birth and phone number - to a complete stranger, greatly increasing their susceptibility to ID theft.

The Sophos Facebook ID Probe involved creating a fabricated Facebook profile before sending out friend requests to individuals chosen at random from across the globe.

To conduct the experiment, Sophos set up a profile page for 'Freddi Staur' (an anagram of 'ID Fraudster'), a small green plastic frog who divulged minimal personal information about himself. Sophos then sent out 200 friend requests to observe how many people would respond, and how much personal information could be gleaned from the respondents.

“Freddi may look like a happy green frog that just wants to be friends, but actually he's happy because he's just encouraged 82 users to hand over their personal details on a plate,” said Graham Cluley, senior technology consultant at Sophos.

“While accepting friend requests is unlikely to result directly in theft, it is an enabler, giving cybercriminals many of the building blocks they need to spoof identities, to gain access to online user accounts, or potentially, to infiltrate their employers' computer networks.”

Among the findings of the Sophos Facebook ID probe:

• 87 of the 200 Facebook users contacted responded to Freddi, with 82 leaking personal information (41% of those approached)

• 72% of respondents divulged one or more email address

• 84% of respondents listed their full date of birth

• 87% of respondents provided details about their education or workplace

• 78% of respondents listed their current address or location

• 23% of respondents listed their current phone number

• 26% of respondents provided their instant messaging screenname

In the majority of cases, Freddi was able to gain access to respondents' photos of family and friends, information about likes/dislikes, hobbies, employer details and other personal facts.

In addition, many users also disclosed the names of their spouses or partners, several included their complete résumés, while one user even divulged his mother's maiden name - information often requested by websites in order to retrieve account details.

“What's worrying is how easy it was for Freddi to go about his business. He now has enough information to create phishing emails or malware specifically targeted at individual users or businesses, to guess users' passwords, impersonate them or even stalk them,” Cluley said.

“Most people wouldn't give out their details to a stranger in the street, or even respond to a spam email, yet several of the users Freddi contacted went so far as to make him one of their 'top friends'. People need to realise that this is still unsolicited communication, despite it occurring within Facebook, and users must employ the same basic precautions - such as not responding in any way - to prevent exposure to wrongdoers.”

As well as the successful friend requests, a number of users unwittingly enabled Freddi to gain access to their profile information simply by sending response messages such as "Who are you?" and "Do I know you?" back to his Facebook inbox.

Sophos experts note that users' profiles can be protected from such exposure by adjusting the privacy controls within their Facebook account settings.

“It's important to remember that Facebook's privacy features go far beyond those of many competing social networking sites,” Cluley said. “This is about the human factor - people undoing all that good work through carelessness and being preoccupied with the kudos of having more Facebook friends than their peers, which could have a serious impact on business security, if accessed in the workplace.”

Report Your Experience
If you've had a bad experience -- or a good one -- with a consumer product or service, we'd like to hear about it. All complaints are reviewed by class action attorneys and are considered for publication on our site. Knowledge is power! Help spread the word. File your consumer report now.

Share		Follow us on Twitter.

FREE CONSUMER NEWSLETTERS
The Daily Consumer Afternoons M-F Sign up now!	Consumer News & Alerts Every Sunday Sign up now!

CONSUMER NEWS

SAFETY RECALLS

Three Sisters Baby Hammocks

More Recalls ...

MOST-VIEWED PAGES

NEW COMPLAINTS

Etsy.com
Fashion Bug
Shoprite
US Loan Assistance Center
Tavern On The Green, New York, NY
All American Chrysler Jeep Dodge, Midland, TX
Atlantic Auto Mall, West Islip, NY
Route 280 Auto Group, Orange, NJ
Classic Ford of Columbia, Columbia, SC
Vanderstyne Toyota, Rochester, NY

Back to the top |

Custom Search

AUTOMOTIVE
• Dealers
• Manufacturers
• Service
• Extended Warranties
• Lemon Laws
• Recalls
• Tires
• Transporters

FAMILY
• Aging
• Children, Parenting
• Recalls
• Dating
• Education
• Entertainment
• Pets
• Weddings

FINANCE
• Annuities
• Banks
• Credit Cards
• Debt Collection
• Debt Counseling
• Insurance
• Investing
• Loans
• Mortgages
• Payday Loans
• Student Loans
• Tax Prep

HEALTH
• Doctors
• Drugs, Pharmacies
• Health Clubs
• Hearing Care
• Hospitals
• Nursing Homes
• Nutrition, Diets
• Vision Care
• Weight Loss

HOUSE & HOME
• Appliances
• Cookware
• Furniture
• Home Improvements
• Lawn & Garden
• Movers
• Pools & Spas
• Realtors, Rental Agents
• Recalls
• Utilities

ELECTRONICS
• Cable TV/DBS
• Cameras
• Cell Phones
• Computers
• Home Electronics
• Internet Access
• Local Phone Service
• Long Distance
• VoIP

SHOPPING
• In-Home
• Online
• Retail Stores
• Sporting Goods
• Supermarkets
• Telemarketers

TRAVEL
• Airlines
• Bus Lines
• Car Rental
• Cruises
• Hotels
• Travel Agents
• Trains

RESOURCES
• Class Actions
• Complaint Form
• Small Claims Guide
• Lemon Laws

CONSUMER NEWS
• Latest News
• Automotive
• Telecom
• Financial
• Health
• Homeowners
• Scams
• Seniors
• Travel
• More ...

RECALLS
• Automotive
• Children's Products
• Drugs
• Food
• Household Products
• Sporting Goods

ABOUT US
• FAQ
• Privacy Policy
• Advertise With Us
• Newsroom
• Syndication
• Terms of Use

Terms of Use Your use of this site constitutes acceptance of the Terms of Use

Advertisements on this site are placed and controlled by outside advertising networks. ConsumerAffairs.com does not evaluate or endorse the products and services advertised. See the FAQ for more information.

Company Response Welcome If complaints about your company appear on our site, we welcome your response. Please see the Response Form for more information.

For more information, see the FAQ and privacy policy. The information on this Web site is general in nature and is not intended as a substitute for competent legal advice. ConsumerAffairs.com Inc. makes no representation as to the accuracy of the information herein provided and assumes no liability for any damages or loss arising from the use thereof.