Facebook puts users at risk of ID fraud

  • Marie Claire is supported by its audience. When you purchase through links on our site, we may earn commission on some of the items you choose to buy.
  • Facebook has been accused of failing to prioritize the safety of its 500 million-plus users by advising its app-developing community on how to obtain personal details

    Facebook has encountered criticised for putting users’ security at risk by allowing developers of apps the opportunity to acquire sensitive information, including telephone numbers and addresses.

    Although users of the social networking site must grant permission to anyone seeking personal details, it was feared many would accept requests without reading the small print. Rogue app-makers, using telephone numbers to scam money, could also benefit.

    Internet security company, Sophos, urged all Facebook users to remove their addresses and telephone numbers from their accounts immediately to reduce the risk of fraud.

    ‘Shady app developers will find it easier than ever to gather even personal information from users,’ says Sophos’s senior technology consultant, Graham Cluley.

    ‘You have to ask, is Facebook putting the safety of its 500 million-plus users as a top priority with this move? You can imagine, for instance, bad guys could set up a rogue app that collects mobile phone numbers and then uses that information for the purposes of SMS spamming or sells the data to cold-calling companies.’

    A spokeswoman for Facebook said: ‘You need to explicitly choose to share your data before any app or website can access it and no private information is shared without your permission.’

    The controversial move has since been temprarily suspended due to feedback urging Facebook to make people more clearly aware of when they are granting access to sensitive data.


    Reading now