The profile of Freddi Staur.
Credit: Sophos Security | ©Sophos Security
Four out of 10 facebook users agree to befriend a small green plastic frog, allowing it personal access to their personal data. A leading IT security firm, Sophos, set out to learn the how readily FaceBook Users allowed their personal information to bare its naked self to other strangers. So Sophos set up a fake profile under the name of 'Freddi Staur' (an anagram of ID fraudster). They then sent out 200 random friend requests to users around the globe. Over two in five accepted and leaked personal information to the inanimate green desk ornament.
While accepting a friend request on facebook is unlikely to result in any direct personal theft, it gives cyber criminals direct access to the user's general information, the basic building blocks to access your other information, like credit cards, government records or your company documents.
In the majority of cases, Freddi gained access to photos of family and friends, information about likes/dislikes, hobbies, employer details and other personal facts, such as date of birth. Many users also disclosed the names of spouses or partners, showed their complete resumes and one user revealed his mothers maiden name, a common security measure at most banks.
"Freddi may look like a happy green frog that just wants to be friends, but actually he's happy because he's just encouraged 82 users to hand over their personal details on a plate," said Graham Cluely, senior technology consultant at Sophos.
If freddi was a walking, talking cyber punk humanoid with fingers and a brain, his new "friends" just became his new targets. Through all the jicy facts he acquired through Facebook friend requests, he can create phishing emails or malware targeted specifically at individuals or businesses. He can be creative and try to guess your password, try to impersonate you or stalk you.
While accepting a friend request on facebook is unlikely to result in any direct personal theft, it gives cyber criminals direct access to the user's general information, the basic building blocks to access your other information, like credit cards, government records or your company documents.
In the majority of cases, Freddi gained access to photos of family and friends, information about likes/dislikes, hobbies, employer details and other personal facts, such as date of birth. Many users also disclosed the names of spouses or partners, showed their complete resumes and one user revealed his mothers maiden name, a common security measure at most banks.
"Freddi may look like a happy green frog that just wants to be friends, but actually he's happy because he's just encouraged 82 users to hand over their personal details on a plate," said Graham Cluely, senior technology consultant at Sophos.
If freddi was a walking, talking cyber punk humanoid with fingers and a brain, his new "friends" just became his new targets. Through all the jicy facts he acquired through Facebook friend requests, he can create phishing emails or malware targeted specifically at individuals or businesses. He can be creative and try to guess your password, try to impersonate you or stalk you.
Comments
Many Thanks great piece have always been worried about this myself and have had a friend who was a victim of identity theft and she is still suffering Look forward to your next piece. Have added you as a favorite so that I do not miss it.
Kind Regards
Steve Simmonds
This is very true and also very scary. Lately I have been recieving friend requests from spammers with no network, picture or information. They don't reply to messages asking who they are. I immediately deny and report them, but i notice that they already have hundreds of other friends.
This is the gateway to identity theft in the next generation.
Comments 1 - 2 (of 2)
|
|