Identity Theft and Facebook
February 28, 2008
If you're new here, you may want to subscribe to my RSS feed or get new posts via email. Thanks for visiting!
As social networks like Facebook grow, there are more and more concerns that it will be used as yet another platform for identity theft (as if the mail and doctor’s office wasn’t bad enough).
It makes sense: the more information you share, the more possibility of making a connection with someone. The more you are connected you are to people, the greater chance there is of identity theft.
Not all social networking ID theft works out like this, either:
Is it really an issue?
Think about all the profiles you see out there. People list their real name, date of birth, contact details, employer, positions (not to mention work history).
Even though people (I hope) don’t post their SSNs etc., there is enough information there that could be used in a phishing or other social engineering attack.
A University of Tennessee at Martin student was arrested on charges of identity theft after he bought three iPods with someone else’s credit card. The student got the victim’s date of birth and email address from their Facebook profile, and then changed the password on her Apple ID using that info. He then logged into the Apple store as her, and ordered away. He said “he did not think the order would go through”. (Uh-huh).
Sophos, a IT security firm, did a test where they created a fake Facebook profile for “Freddi the Frog”. They then sent out 200 friend requests to random people and here are the results:
- 87 of the 200 Facebook users contacted responded to Freddi, with 82
leaking personal information (41% of those approached) - 72% of respondents divulged one or more email address
- 84% of respondents listed their full date of birth
- 87% of respondents provided details about their education or
workplace - 78% of respondents listed their current address or location
- 23% of respondents listed their current phone number
- 26% of respondents provided their instant messaging
screenname
How can I protect myself?
There are some things you can do:
- There are actually a lot of privacy controls in Facebook to control who sees what. Click on “privacy” in the top right corner and think hard about what you what to display and how you want people to find you
- Think about the people who are requesting that you add them. Do you really want them to see your whole profile? If not, show them the “Limited Profile”
And, if you are really not sure what to do with all of this, you can always become a prince on Facebook. I hear that works out really well.
Are you selective about the information that you share on Facebook?
Related Posts
Posted in Identity Theft, Social Networks
content rss
March 21st, 2008 at 6:52 am
[…] If you’re new here, you may want to subscribe to my RSS feed or get new posts via email. Thanks for visiting!Just wanted to post an update on a post that I had made earlier about Facebook privacy. […]
May 6th, 2008 at 4:54 am
[…] written about identity theft and Facebook before, as well as new Facebook privacy controls. The BBC’s show Click has an interesting new […]
May 18th, 2008 at 8:38 am
[…] via email. Thanks for visiting!As I’ve mentioned a number of times whether talking about identity theft concerns, new privacy controls on Facebook, or Facebook applications stealing data, identity theft is a […]