RealTime IT News

Report: Facebook Users Loose With The Info

Better know who your Facebook friends are.

According to a new report from Sophos, an IT security and control firm, 41 percent of Facebook users willingly divulge personal information, such as e-mail addresses, dates of birth and phone numbers to complete strangers.

To perform the study, Sophos created a Facebook profile under the name "Freddi Staur," an anagram for "ID Fraudster." For a profile picture, Sophos chose an image of a shiny, happy-looking frog statue. Sophos then sent out 200 friend requests to observe how many people would respond, and how much personal information could be gleaned from the respondents.

Out of that small sample size, 72 percent of respondents divulged one or more e-mail address, 84 percent listed their full date of birth, 78 percent listed their current address or location, 26 percent provided their instant messaging screen name and 23 percent listed their current phone numbers.

In total, 87 of the 200 Facebook users contacted responded to Freddi, with 82 divulging personal information.

With access to that sort of personal information, "Freddi Staur," or a real "ID Fraudster," have "enough information to create phishing e-mails or malware specifically targeted at individual users or businesses, to guess users' passwords, impersonate them or even stalk them," Sophos senior technology consultant Graham Cluley said in a statement.

Facebook spokeswoman Brandee Barker told Internetnews.com that the Sophos report describes Facebook's privacy features as "far beyond those of many competing social networks."

"Facebook has long deployed technology that limits the availability of personal information and welcomes every opportunity to educate users about how to protect their data online."

Sophos's Facebook privacy concerns are only its latest.

In an Aug. 6 post on one of its official blogs, Facebook was forced to warn developers that, as the post's title read, "Misleading Notifications To Users Will Be Blocked."

"Over the last few weeks we have noticed several developers misleading our users into clicking on links, adding applications and taking actions," the post reads.

"While the majority of developers are doing the right thing and playing by the rules, a few aren’t – and are creating spam as a result."

On July 31, the site went down for several hours. Later, Barker said a bug in the system had exposed a group of users to private users' pages.

"This was not the result of a security breach," Barker said in a statement.

But something broke, just as precautions against misleading applications seems to have failed to a degree.