Facebook Apps Leaking Your Information
A report was recently published claiming that nearly 100,000 Facebook apps have been leaking access codes belonging to millions of users’ profiles. Symantec released the report and said that an app security flaw may have given apps and other third parties access to users’ profiles. Facebook maintains that they have no evidence of this occurring.
In their report, Symantec wrote:
We estimate that as of April 2011, close to 100,000 applications were enabling this leakage. We estimate that over the years, hundreds of thousands of applications may have inadvertently leaked millions of access tokens to third parties.
These “access tokens” help apps interact with your profile.They are most often used to post updates from the application to your wall. When you add the applications to your profile you, as the Facebook user, is giving the apps access to your information by accepting their conditions. According to the investigation, these tokens were included in URLs sent to the application host and were then sent to advertisers and analytics platforms. If the recipient recognized the codes (meaning they have to be qualified to read and write HTML code), they could gain access to the user’s wall’s and profile.
Facebook Nigerian Scam Costs Victim $300,000+
At this point, we are all pretty used to the classic Nigerian Scam. Someone who is recently wealthy needs your help to gain access to the funds. They will let you keep $1 million if you will simply send them your bank account number so he can transfer $30 million to you. Its a dream come true to most!
What happens when that same scam is used on Facebook by one of your friends, by someone you trust? The results can be disastrous. One woman was scammed out of $366,000 because she felt sorry for the scammer’s sob story. The woman contacted the local authorities after realizing she had been conned by her Facebook “friend”. Police arrested six male suspects in Kepong, all allegedly connected to the Facebook scam: two Nigerians, two Bangladeshis, and two Malaysians. Investigators only managed to recover $5,000 in cash of the victim’s money, although they also seized 18 ATM cards, seven cell phones, and a laptop.
At least in this case the men were apprehended. In most scams of this nature there is no chance of finding the scammers and the money is long gone. Even when one of your Facebook friends asks you for something (money, help, information), your first reaction should be healthy skepticism. Verify that what they are saying is true (call them before sending money). Often times, a thief will take over a friend’s account or create a false account in order to gain your trust and eventually, your money.
Geotag, You’re It! Disabling GPS Coordinates
Geotagging allows others to track your location even though you don’t know it.
With the increased use of Internet-enabled mobile devices such as the Blackberry, Droid and iPhone, geotagging has seen a huge increase in popularity. When social media users take a picture or video and upload it to their page, they are probably transmitting far more data than they think. With the ability to quickly add GPS information to media, smartphones make geotagging a simple task.
So What is Geotagging?
Simply, geotagging is where location or geographical information, such as your GPS coordinates, are added and embedded to different types of media (.jpg, .mov files, etc.). Invisible to the naked eye and the casual observer, geotags are part of the meta-data, or underlying data about the data, that accompanies each file. Examples of meta-data include when the file was created or modified, by whom, using what device and software. This data is often loaded on to your computer along with the original file. Browser plug-ins and certain software programs can reveal the location information to anyone who wants to see it.
Twittervision makes great use of geotagging. Twittervision is a web mashup combining Twitter with Google Maps to create a real time display of tweets across a map (see photo above). It also has a 3D mode that displays a globe of the Earth which spins to pinpoint arriving messages from Twitter.
Facebook Privacy Breach – Eventually, We’ll Lose our Trust
According to a Wall Street Journal investigation, Facebook apps are sharing more about you than you think.
The Journal stated in their article, Facebook in Privacy Breach, that many of the most popular applications on the site are transmitting personal information about you and even your friends to third party advertisers and data companies. Apps such as BumperSticker, Marketplace, or Zynga’s Farmville (with over 50 million users) can be sharing your Facebook User ID with these companies. This can give as little information as your name, or as much as your entire Facebook Profile. In some cases, your data is being shared even if you have set your Facebook privacy settings to disallow this type of sharing.
According to the Journal:
“The most expansive use of Facebook user information uncovered by the Journal involved RapLeaf. The San Francisco Company compiles and sells profiles of individuals based in part on their online activities.. The Journal found that some LOLapps applications, as well as the Family Tree application, were transmitting user’s Facebook ID numbers to RapLeaf. RapLeaf then linked those ID numbers to dossiers it had previously assembled on those individuals… RapLeaf then embedded that information in an Internet-tracking file known as a cookie.”
RapLeaf in turn transmitted this Facebook ID and user information to a dozen other advertising firms.
Facebook: Press 2 For Law Enforcement
I received an email last night from a well-known TV anchor wanting my input on a new Facebook issue. He’d read that when calling Facebook Headquarters, the automated attendant comes on and gives you options to reach each department, and the second option was to press 2 for “law enforcement.”
It could seem odd to many, but it’s true. If you call the Facebook Headquarters (650-543-4800) and reach the switchboard, the 1st option is “For customer support, press 1″ and the second option is “For law enforcement, press 2″. Law enforcement comes ahead of business development, marketing, press, and employment verification in the list of options.When you press 2, the next message says: “This message is only for members of law enforcement. Please note that due to a very large volume of incoming calls, the current call back time is two to four business days. For a faster response, please leave your work authorized email address… A member of Facebook’s security team will email in a timely manner.” Which means that Facebook is very busy fielding calls from law enforcement.
The anchor, and the rest of us, want to know why!
How to Disable Facebook Places
Last week Facebook introduced a new location tracking application called Facebook Places. This gives users the ability to check in with Facebook from their mobile device and update their friends (and even tag their friends) on where they are. What many Facebook users don’t realize is that this tool is currently activated by default, and in order to turn it off, users have to go in and adjust their privacy settings. Until you do that, your friends can check you in to different locations (and you may not even be there!).
Here is the step by step process to disable Facebook Places:
1. Log into your Facebook account, and at the top right drop down menu under Account click Privacy Settings.Once you are in Privacy Settings you will see this screen:
2. Click Custom (if that isn’t your selection already) and then click below 0n Customize Settings.
3. You should see the following screen, where you will need to make 2 changes – first, to Things I share and then to Things others share. Under Things I share click on the drop-down box next to Places I check in to click custom and chose to make this visible to Only Me.
5. Scroll down on the Customize page to Things others share:
Facebook ‘Dislike Button’ is a Scam!
According to Cnet.com, security firm Sophos has highlighted yet another scam that’s zipping around Facebook in the form of a third-party application, this one spreading in the form of links claiming to be from friends that encourage members to install a Facebook “dislike button.”
Sophos wrote about the scam in a post on Monday, pointing out that a link to it tends to appear in wall posts that appear to be from the user’s friends (“I just got the Dislike button, so now I can dislike all of your dumb posts lol!!”) but which are actually automated messages from friends who have already been duped. The scam’s purpose is to force users to complete a survey contained in the application, a bit of trickery that has already been known to be perpetuated through scam links like “Justin Bieber trying to flirt” and “Anaconda coughs up a hippo,” the two of which presumably would be enticing to rather different demographics of Facebook users.
As Facebook’s surging membership numbers have blazed past 500 million around the world, its channels of fast social connection and messaging have become a prime target for scammers and viruses.This one’s particularly nasty because a “dislike button,” offering some kind of counterpoint to Facebook’s own “like” button is something that many members have been clamoring for.
Facebook Status Update Leads to Robbery
When you are ‘friends’ with people on Facebook that you are not actually friends with, how do you know whether they have good intentions?
A recent segment on CNN discusses the risks that you may be taking while updating your Facebook status. You don’t know who is looking at your private information because it’s really not private – it’s public. Keri McMullen found this out the hard way after she posted a simple status message that she was going to see a band with her fiance. It only took the burglars calling the venue to find out what time the show was starting to know when they could break into her home. The burglars showed up 35 minutes after the McMullens left for the concert.
It is that simple. You post a casual message to your “friends” that could turn into a nightmare where, like Keri, you lose upwards of $11,000 in personal property. They were lucky that they had cameras installed in the home and were able to catch the perpetrators on film. After posting pictures of them on her Facebook page (a good use of social networking), another friend recognized the intruders as Keri’s high school classmate.
Facebook Hits 500 Million Users: 3rd Largest Country
Facebook has the Population of the Third Largest Country
Wednesday, July 21, 2010 marked a big day for Facebook. CEO and founder Mark Zuckerberg announced in a blog post that the social networking website hit over 500 million users in only 6 years.
If you take a look at the worlds largest countries in terms of population (as of today according to Wikipedia) you find that China is #1 with 1,339,130,000, India is #2 with 1,184,513,000 and #3 is the United States with only 309,944,000. This would mean that if Facebook were a real country with their population of 500,000,000, then it would clearly surpass the USA for the #3 ranking.
Many believe that Facebook will hit a billion users in less than a year by looking the rapid growth they have encountered since their founding. With their fast expansion the privacy issues on the website keep mounting as well. Make sure when you are using Facebook you are using it with the best possible protections – your common sense. Click here to learn more on Facebook Safety for users and parents of users.
Why Facebook Privacy Settings Don’t Matter
A new article in PC world discusses why the privacy settings on Facebook don’t matter – it instead blames the user for their own data breach. It recommends that those on Facebook should use their common sense and think in the long term. By controlling what you share and only sharing what is responsible Facebook is no longer in charge of your privacy.
Why Facebook Privacy Settings Don’t Matter
John C. Dvorak – I find it endlessly amusing how so many articles are written about Facebook and its cavalier lack of concern over privacy issues (case in point: Read Dan Costa’s column). A large community is up in arms over the fact that Facebook consistently changes the way it operates and constantly resets the privacy settings of the users to nil, as in NO PRIVACY.
This amuses me because it seems as if the majority of Facebook users don’t even know about or care about the privacy settings. Once in a while some old lady is flabbergasted by the fact that anyone can write on her wall, sure. And once in a blue moon some teenage girl says she “didn’t know” her teachers could see her comments. All the while the users of Facebook are increasing by the millions as the complaints are increasing by the thousands, thus amounting to nothing of consequence.
Sileo In the Media
Privacy Project Newsletter
Tools and tips for bulletproofing yourself against identity theft, data breach and corporate espionage. Subscribe to the newsletter and get John Sileo's 7 Survival Strategies for Starving Data Spies for FREE!
