Security experts have advised users to remove their mobile phone and home address details from Facebook, as changes to Facebook’s privacy settings will make it dangerously easy for rogue apps to get access to personal details.
Facebook is now sharing users’ phone numbers and home addresses with third party applications. Malicious applications – which already share Facebook identities – will pass phone numbers and address details to spammers and criminals, according to security expert Graham Cluley of Sophos. The warning is just the latest of several recent privacy warnings about the site.
“We are now making a user’s address and mobile phone number accessible as part of the User Graph object,” Facebook’s Jeff Bowen announced on a developer blog on Friday. This means that when a user adds a new application or service in Facebook, the site will offer to share the user’s details unless told not to do so in a dialogue box.
“Because this is sensitive information, we have created the new user_address and user_mobile_phone permissions,” explained Bowen. “These permissions must be explicitly granted to your application by the user via our standard permissions dialogs.”
However, the dialogue is not explicit enough, according to Cluley: “I realise that Facebook users will only have their personal information accessed if they ‘allow’ the app to do so,” he said, “but there are just too many attacks happening on a daily basis which trick users into doing precisely this.”
“It won’t take long for scammers to take advantage of this new facility, to use for their own criminal ends,” Cluley warned. A rogue app could collect phone numbers to be used by SMS spammers and cold callers, or gather street addresses for use in identity theft crimes.
Over the last year, while user numbers have climbed beyond 500 million, Facebook has been criticised for its handling of user privacy, beginning in January, when Facebook founder Mark Zuckerberg said that users no longer need privacy and want to share.
Since then, it has revamped its security settings, but has admitted that rogue applications already share personal information, with spammers and marketers.
On some measures, Facebook has overtaken Google as the most popular site, and it is seeking ways to capitalise on this popularity. A recent $450 million investment from Goldman Sachs valued the company at $50 billion (£32bn).
Targetting AWS, Microsoft? British competition regulator soon to announce “behavioural” remedies for cloud sector
Move to Elon Musk rival. Former senior executive at X joins Sam Altman's venture formerly…
Bitcoin price rises towards $100,000, amid investor optimism of friendlier US regulatory landscape under Donald…
Judge Kaplan praises former FTX CTO Gary Wang for his co-operation against Sam Bankman-Fried during…
Explore the future of work with the Silicon In Focus Podcast. Discover how AI is…
Executive hits out at the DoJ's “staggering proposal” to force Google to sell off its…