Computer-security company Sophos PLC recently conducted an experiment designed to test the precautions that users on the social networking website Facebook employed to protect their personal information. The experiment consisted of creating a fake profile page, sending out friend requests to 200 randomly selected persons, and seeing what personal information could be obtained from these 200 users.
The experiment revealed that 41% of those contacted were willing to divulge personal information, including email address, date of birth and phone number, to what was effectively a complete stranger. Many users also disclosed the names of their partners; 35% provided details about their education or workplace; one even divulged his mother’s maiden name. Such information can be used not only to create individually focused phishing emails and malware, but also to obtain further information for various types of ID theft and credit card fraud.
The Sophos experimenters noted that the problem was fundamentally about the “human factor”, since Facebook privacy controls allowed users to easily protect their profiles. They also noted that the privacy controls in Facebook went far beyond those available on many competing social networking websites.
Although the experiment acutely raised various issues relating to ID theft affecting individuals, it also revealed the potential security impact of social networking websites such as Facebook on businesses: much of the personal information gathered can be used to guess at users’ work passwords, thereby exposing the employers of such Facebook users to various security breaches.
For additional information, visit:
http://www.sophos.com/pressoffice/news/articles/2007/08/facebook.html