Skip Links

Network World

  • Social Web 
  • Email 
  • Close

Study: Facebook users are easy targets for identity theft

Facebook users give out personal information too readily
By Ellen Messmer , Network World , 08/14/2007

Users of the Facebook social-networking site are too gullible in giving up personal information, which could make them the targets of identity theft, according to Sophos research.

Sophos fabricated a Facebook profile and asked 200 Facebook users at random to give up personal information. Sophos says its probe involved setting up a profile page for “Freddi Stauer,” an anagram for “ID Fraudster,” displaying a small green plastic frog that divulged personal information about the fictitious Freddi. Using Freddi as the front, Sophos sent out 200 friend requests to find out how many people would respond and what kind of personal information could be collected from the Facebook users.

“It’s extremely alarming how easy it was to get users to accept Freddi,” said Ron O’Brien, senior security analyst at Sophos, which makes security products for antimalware and network-access control for business.

Out of the 200 friend requests, Sophos received 82 responses, with 72% of those respondents divulging one or more e-mail address; 84% listing their full date of birth 87% providing details about education or work; 78% listing their current address or location; 23% giving their phone number; and 26% providing their instant messaging screen name.

Sophos says in most cases, Freddi also got access to respondents’ photos of friends and family, plus a lot of information about personal likes and dislikes, and even details about employers.

Facebook users were all too willing to disclose the names of spouses and partners, with some even sending complete resumes. One Facebook user divulged his mother’s maiden name -- the old standard used by many financial and other Web sites to get access to account information.

Most people wouldn’t give this kind of information out to people on the street but their guard sometimes seems to drop in the context of a friend request on the Facebook site, O’Brien says.

According to Sophos, the results of what it calls its Facebook ID Probe has significance for the workplace as well as personal life because businesses need to be aware that this type of social-networking site may pose a threat to corporate security.

“They can put a significant strain on the network and can also expose confidential corporate data to malicious outsiders,” O’Brien says.

Partner Content

Brilliantly simple security and control solutions for email, web and endpoint

www.sophos.com

Stopping data leakage

Learn how to exploit your current security investment to control the information that flows into, through and out of your network.

Download the white paper.

Why detection rates aren't enough

Evaluating endpoint security products is a time-consuming and daunting task. Learn the six critical questions you need to ask prospective vendors to get the right endpoint solution.

Download the white paper.

Applications: taking back control

Employees installing unauthorized applications is a growing threat to business security and productivity. Cost-effectively reduce this threat by integrating control into your malware protection.

Learn more today.

Comment
Login
Forgot your account info?
Add comment
Anonymous comments subject to approval. Register here for member benefits.
Have a NetworkWorld account? Log in here. Register now for a free account.

Videos

rssRss Feed

Whitepapers

Magic Quadrant for Application Delivery Controllers

Gartner summarizes its view on Application Delivery Controllers, evaluates strengths and weaknesses...

Vulnerability Management For Dummies

Download this concise book "Vulnerability Management for Dummies," to learn about the simple steps...

The ROI and TCO Benefits of Data Deduplication for Data Protection in the Enterprise

This paper examines and quantifies the costs and benefits of backup with deduplication storage as...

Webcasts

Transforming the Enterprise WAN Edge: Video from Cisco

Life on the edge of your WAN has changed dramatically. With the need to deliver advanced services,...

PoE Plus: Impact on the PoE Market

The standard for Power over Ethernet (PoE), IEEE Std. 802.3af(tm)-2003, advanced networking,...

Harnessing the power of communications to increase workplace performance

Due to the convergence of IT and telecommunications technologies, the business workplace has been...

Special Reports

The Evolution of Network Security

We have so many holes punched in our firewalls today that many industry insiders question the value...

The self-managed network

We aren't there yet, but advances in network and systems management tools are making it possible to...

Get instant email notification when white papers, webcasts, executive guides are added to our library. Stay informed and up-to-date with the latest on IT Technologies with Network World's Resource Alerts.