Free Newsletter
Register for our Free Newsletters
Access Control
Deutsche Zone (German Zone)
Education, Training and Professional Services
Government Programmes
Guarding, Equipment and Enforcement
Industrial Computing Security
IT Security
Physical Security
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec

Facebook urged to step up default privacy settings.

Sophos : 03 October, 2007  (Technical Article)
Sophos reveals that majority of Facebook users are opening themselves up to increased risk of identity theft through open profiles.

IT security and control firm Sophos is urging Facebook to improve its default privacy settings following new research that revealed members are unwittingly exposing their personal details on a mass scale to millions of strangers, putting themselves at risk of identity theft.

Sophos took a random snapshot of 200 users in the London Facebook network, which is the single largest geographic network on the site, with more than 1.2 million members. The company found that a staggering 75 percent allow their profiles to be viewed by any other member, regardless of whether they or not they have agreed to be friends.

Worryingly for businesses, 25 percent, which could equate to as many as 300,000 users in the London network, revealed information relating to their work - details that could potentially be used by cybercriminals in their attempts to commit corporate ID fraud or to infiltrate company networks.

Facebook is made up of thousands of networks worldwide, and users are encouraged to join them in order to meet and make friends with people in their area. Even if you have previously set up your privacy settings to ensure that only friends can view your information, joining a network automatically opens your profile to every other member of the network. Sophos experts note that this is a worrying situation, particularly given the growing popularity of these networks. For instance, in May 2007, there were just 375,000 Facebook members in the London network, a three-fold increase in just four months means that an unprecedented amount of personal and corporate information is now available for strangers to view.

'I was flabbergasted when I joined a network on Facebook using a profile which I thought was secure, only to find Facebook had changed a number of settings and was opening me up to millions of strangers. Who was to say that cybercriminals weren't in that network too? Is it right that Facebook works this way?' said Graham Cluley, senior technology consultant at
Sophos. 'While Facebook's privacy features are far more sophisticated than competing social networking sites, too many members still aren't getting the message about how to use them to prevent ID theft. Facebook has ultimately put these privacy options in place to protect its flock but perhaps it's now time for the networking phenomenon to take the next step and change its default settings so that when members join a network, they have to actively click to leave their details on show, rather than automatically letting it all hang out online.'

The research further highlights that 54 percent of users in the London network show their full date of birth; vital information for cybercriminals wishing to commit identity fraud. One percent, which could equate to as many as
12,000 people, also divulge their phone number to over a million strangers. While smaller networks may not pose as great a threat as the massive London circle, each one - whether regional, work or college related - presents a significant risk
to members who fail to check and amend their privacy settings.

'The Facebook network issue almost amounts to identity-on-demand for cybercriminals, who are fully capable of taking advantage of unwitting Facebook fans. It's crucial that users take a few minutes to look at their privacy settings before getting caught up in the undisputed fun of Facebook,' concluded Cluley.

Recently, Sophos published research showing that 41 percent of Facebook users were prepared to divulge personal information to a complete stranger (a small plastic frog called Freddi Staur - an anagram of 'ID Fraudster').
Bookmark and Share
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
   © 2012
Netgains Logo