Facebook – Connecting friends or collecting information?

Facebook and all social media sites should be treated like everything on the Internet… WITH CAUTION!
Facebook as you would know, is the latest free social media hub for everyone, sharing photos, locations, opinions and pretty much anything you can think about.

Like the rest of the world, I have a Facebook account. I don’t like to use it, but I conformed to societal norms after pressure from nagging friends to keep in touch. Seems you’re a social leper these days if you don’t have a Facebook account.

What many people don’t understand about Facebook, is that many things inside the Facebook website are external applications from other companies and web developers, which can download viruses and other malicious softwarein the background. For example, playing a game can install a malware infection on your computer. As an I.T Professional, the amount of infected PC’s which have required my attention to resolve malicious software which requests credit card details, has doubled from past years.

Not only are the issues evident with users being able to post live status, locations, posts, and pictures giving anyone your whereabouts, but malicious attackers are now targeting these social media sites.

By gaining unauthorised access (or hacking) one persons Facebook account, hackers can use this account to post false information (baiting) for their friends to see, then the friends unknowingly view and download malicious software infecting and making their computer at risk.

Often you can see posts on Facebook saying they have fixes for viruses, which can be downloaded. These “fixes” themselves are viruses which request credit card details before they’ll ‘fix the issue’, which of course it doesn’t fix the issue, but congratulations, you’ve just handed over your credit card details.

Another means of information extraction is done by friend quizzes asking questions in which you post your answers are actually questions quite commonly used as security questions for banks, phone companies, email password recovery, and credit cards, which they can use to attempt to gain access to your accounts.

Facebook has for some time been investing in development of a facial recognition search engine to automatically tag friends into photos uploaded.

Google was also researching the same technology, but dropped the project due to the results being “too creepy” in terms of how accurate and exploitative this technology could be.

To show that Google was right, a University in Europe took a photo in public of random people. In a few short hours, they had the personal information of the people in the photo, up to the first 5 digits of their social security numbers before stopping, suggesting Google was right – ‘it is creepy’

Previously I mentioned the issues of status updates, picture uploads, tagging into locations etc. being a security concern. These features of Facebook easily give one the presence to look into your life, know your habits and traits, and use this information however they like, in some cases leading to abductions and even sadly, deaths.

To keep unwanted viewers at bay, ensure that your privacy settings are setup correctly, and every time Facebook release a new privacy agreement, double check your settings have not been changed, as Facebook can change your settings by default.

Facebook have implemented a ‘view as’ feature, which allows you to see your Facebook page externally as if from another user or group. To access this feature – from the main page find and select the profile tab, then on the right hand side, an icon ‘view as’ should be visible to you, select this icon and choose who you want to view your profile as.

Think BEFORE you post. A recent study shows that more employers, lawyers, and universities are using Facebook as a means of private investigation to see who you actually are before hiring, accepting your application or potentially using this information against you.

Written By Steve Bakker