Facebook Users Desperate for New Friends
This CNET article points out that over 40 percent of Facebook users will willingly expose their personal information to anyone who asks to be their ‘friend.’ The personal information is mostly real names, addresses and sometimes phone numbers, but it definitely exposes them to further compromise by targeted spear-phishing.
From CNET here:
IT security firm Sophos has released the results of its Facebook ID Probe, a test to see just how many users of the site–which claims more than 100,000 new users per day–are willing to divulge highly personal information to potential identity thieves.
Sophos created a fake Facebook profile, under the name ‘Freddi Staur’ (‘ID Fraudster’ with the letters rearranged), and randomly requested 200 members to be friends with ‘Freddi.’ Out of those 200, 87 accepted the friend request and 82 of those gave ‘Freddi’ access to “personal information” such as e-mail addresses, dates of birth, addresses and phone numbers, and school or work data.
Out of the 41 percent of those surveyed who divulged personal information to ‘Freddi,’ 72 percent provided at least one e-mail address, 84 percent gave their full date of birth, and 78 percent gave a current location (whether an address or just a city). More alarmingly, 23 percent provided a phone number and 26 percent provided an instant messaging screen name.
“While it’s unlikely this will result directly in theft, it provides many of the essential elements needed to gain access to people’s personal accounts. Additionally, it reveals specific user interests, enabling hackers to design targeted malware or phishing emails that they know the user is more likely to open.”
I think its hilarious to view Myspace profiles that are maggoty with so-called friends that the users have added who just use their comment boards to promote spammy goods like free handbags, calling cards and penis creams. But Facebook is a lot more safety conscious because by default, profiles are private to all but acknowledged friends. But risk is introduced when the users are so willing to allow anyone to adopt them as a friend.