Facebook Security Risk Online
Facebook Privacy Issues Expose Online Security Risk
A lot of noise has been made about Facebook's decreasing commitment to privacy. Some privacy advocates have gone so far as to suggest that legislation is needed to force Facebook to respect its users privacy the same way that financial reform legislation was needed to ensure that banks and credit card companies did not abuse customer's personal information.
On the other hand, many advocates of online freedom have suggested that the ordeal over the new Facebook privacy settings is must ado about nothing. Some have gone so far as to suggest that their is no privacy online anyway and that people should just get used to it. Ironically, those who claim they don't care about privacy are careful to not include the very private details that they say they are not worried about being disclosed. These supposed everything online is free advocates do not include information about family members, children, or even their personal address on websites like Facebook.
Of course, it is exactly this kind of intimate sharing of private personal information with ONLY authorized people that makes the website valuable to anyone other than social networking professionals and self-promoters who use Facebook for marketing.
However, even without the debate over what private information should be kept personal online is an even bigger issue. The threat to online security on everything from bank accounts and financial information to email account security.
Facebook Data Used By Hackers
Facebook goes out of its way to encourage users to share intimate details about themselves despite their founder's statements that nothing online is private anyway.
Facebook users are asked to enter all manner of information that is then shared with others. Some of that information can be controlled, other information is shared with everyone regardless of privacy settings.
Consider the matter of what High School one attended. Facebook makes this information public to everyone because the only way list one's high school affiliation in the official manner is by linking to the high school one graduated from, and all Facebook links and Facebook Fan links are shared with everyone no matter what the security settings.
While this may seem innocent at first, a closer look shows the danger of Facebook's lacking privacy controls.
Many financial accounts and other records can be accessed by supplying certain personal information about the user. For example, one of the common security questions used to "protect" financial accounts like bank login passwords and resetting email account passwords asks what your high school mascot was. Thanks to Facebook's weak commitment to privacy, finding out any user's high school mascot is just a few clicks away.
Type in the name of the user and their High School affiliation is there for everyone, from old classmates, to hackers in Nigeria, to see. Once the name of the high school has been found, a quick Google search will reveal the mascot AND the answer to your bank account's security question.
How many other security questions are easily obtained thanks to Facebook's disregard for user privacy?
Have you entered your "relationships" into Facebook? Is one of those your mother? Does your mother include her maiden name to help old classmates find her? How many steps is that until a hacker knows your mother's maiden name? How many more pieces of information would give a hacker total access to your bank accounts over the phone or via resetting your bank account's user name and password?
What other information has your bank or financial institution asked you for to "verify your identity"? How much of that same information is included in your Facebook profile?
Consider some of these "usual" financial security account verification questions and how easily accessible the answers are on your Facebook page?
- Mother's Maiden Name
- Home Address
- Telephone Number
- High School Mascot
- Name of Oldest Nephew / Name of Oldest Niece
- Name of Youngest Niece or Youngest Nephew
- Date of Birth
- Wedding Anniversary
- Birthdays of Children
- Spouse's Birthday
The list goes on and on.
Even questions like "First name of your favorite uncle," are easily cracked when all five of your uncle's names are listed in your Facebook friends list which is also made public to everyone who finds your profile, everyone you are friend of, everyone and everything you are a fan of. Just to be safe, a hacker might only try entering two uncle's names each day. That means it would take only five days to hack your financial information even if you had 10 uncles to go through.
Unfortunately, until Facebook makes a higher commitment to online privacy, the solution is to remove as much personal information as possible from Facebook and to avoid using security questions whose answers would appear on your Facebook profile. Whenever possible, choose your own security questions. Choose questions that have answer that would never be found on Facebook based on information either you OR SOMEONE YOU KNOW would put on Facebook.
Otherwise, it's only a matter of time before hackers get around to you.