Popular Reviews

Adware Removal

» Adware Removal

Rogueware Removal

» Rogueware Removal

Keylogger Removal

Fix PC Errors

Helpful Definitions

Learn More

» Learn More

Antispyware Reviews

Registry Cleaner Reviews

Firewall Reviews

Spam Filter Reviews

Facebook Security Vulnerability: Are You At Risk?

Using Facebook is like driving on the open road; it is important to drive carefully and obey traffic laws, but that, in itself, is not enough to keep you safe and secure.  You must also depend on other drivers to do the same.  The fact is, though, not everyone is a good driver.  On Facebook and other open social networks, it is essential that you manage privacy settings, but what many people do not realize is that how their friends manage their settings is equally important to your privacy.  Researchers from the University of Arizona recently released a study indicating that vulnerable friends decrease your level of security.

Facebook has 750 million users throughout the world; on an average week, it is the second most visited website in the world, beat out only by Google.  Because of the incredibly broad user base, the social network site is a favorite target for malicious developers and scammers.  The most common types of malicious activities include: money-related scams, stalking (of which founder Mark Zuckerberg was himself a victim), malware, phishing, spamming, cyber-bullying, and hacked accounts, and extraction of personal user information.  The level of sophistication varies, as do the consequences, but threats can be severe.

The study, which looked at over two million Facebook users, determined that most users are “either not careful or not aware of security and privacy concerns of their friends.”  In other words, they do not know, or care, that their privacy settings and/or usage can affect others on their friends list.

Being security-conscious is no longer enough to keep an individual’s profile safe.  According to the study’s authors, Pritam Gundecha, Geoffrey Barbier, and Huan Liu, “[P]rivacy settings alone are not enough to protect privacy and achieve a high level of security.  Profile users can also face a breach of privacy if their friends abuse their trust.  Most social networking sites do not provide adequate means to protect trust between users and their friends.” 

Facebook users can be categorized as “reserved” or “gregarious.”  Say that a gregarious friend tags photos of you without asking.  Many times, this is not done with malicious intent; instead, it is in that socially-oriented friend’s nature to share.  You are tagged in his photo, which means that you are visible to his friends and potentially their friends as well.  That photo is no longer yours to control, simply because your name was tagged in association with it.  Another example is the privacy settings for friends’ lists.  About seventy-five percent of Facebook users do not use privacy settings to control who sees their friends list, but this can lead to other people finding “friends” who may not want to be found.

Just one friend with insufficient security and privacy settings can have an effect on the larger network, like a stone being cast into a pond.  Part of the problem is that many “friends” on Facebook are actually associates, business contacts, friends of friends, relatives you may not have ever met, and other people you do not necessarily know.  Gundecha says, “People have to realize they’re putting the same kind of trust in people who aren’t really their friends and extending that to their friends.  On Facebook, you’re talking to everyone at the same time, not just your actual friends.”

According to the University of Arizona researchers, defriending your “least discrete” friend increases your level of security by more than five percent. But the problem is how do you know if a friend is vulnerable to security risks?  One way to ascertain this is to see what type of information they, themselves, are willing to post.  About eighty percent of users, for instance, are willing to state their gender.  Only one percent is willing to post their physical address.  If you have a friend who does this (and is not a business entity), it is a safe assumption that they are not security-conscious or overly concerned with security.

The researchers aim to develop an application that will allow users to see their friends' privacy risks based on their Facebook vulnerability index, but until that happens, users must rely on their own observations. Does this “friend” tag photos of people often?  Does he do so with permission?  Does he tag friends in posts? Does he disclose his home address and phone number? Do you actually know your “friends”? 

This last item can present problems for users who accept friend requests even if they do not know the person sending them.  A team of researchers in Egypt created a tool, known as Facebook PWN, that “sends friend requests to a list of Facebook profiles, and polls for their acceptance notification.  First, a fake account is created, and then the tool attempts to friend all of the victim’s contacts.”

The next step of the process is to select a friend and “borrow” his name, photo, and friends list, which is then assigned to the false account.  PWN then uses that account to submit friend requests to the intended “target.”  The target sees a familiar name, photo, and list of mutual friends, and, the hackers hope, accepts the request.  “Once the victim accepts the invitation, it dumps all their information, photos, and friend list into a local folder.”  Even if the victim defriends the fake account, it will likely be too late.  The data is taken offline to examine and to provide fodder for “social engineering” attacks, such as spear phishing.  One friend who is not security-conscious or discriminating can lead this type of attack to your profile.

Whether it leads to a spear phishing attack or simply to your photo or name being accessible by more people than you wish, the fact is that lapses on your friends’ parts can result in compromises to your own security and privacy.  Users should continue to exercise caution in regards to their own settings but expand their vigilance by defriending less discrete or privacy-conscious friends and by being very selective as to whose requests are accepted.

We are affiliated with some of the legitimate programs recommended on this website. Should you choose to use the programs recommended here, we may receive a fee that will help support the site.

All content copyright 2006-2017, RemoveAdware.com.au. Author: Wayne Davis.
All Rights Reserved. All trademarks and company brand names are acknowledged.
Privacy Policy | Terms Of Service