Security experts have advised users to remove their mobile phone and home address details from Facebook, as changes to Facebook’s privacy settings will make it dangerously easy for rogue apps to get access to personal details.
Facebook is now sharing users’ phone numbers and home addresses with third party applications. Malicious applications – which already share Facebook identities – will pass phone numbers and address details to spammers and criminals, according to security expert Graham Cluley of Sophos. The warning is just the latest of several recent privacy warnings about the site.
“We are now making a user’s address and mobile phone number accessible as part of the User Graph object,” Facebook’s Jeff Bowen announced on a developer blog on Friday. This means that when a user adds a new application or service in Facebook, the site will offer to share the user’s details unless told not to do so in a dialogue box.
“Because this is sensitive information, we have created the new user_address and user_mobile_phone permissions,” explained Bowen. “These permissions must be explicitly granted to your application by the user via our standard permissions dialogs.”
However, the dialogue is not explicit enough, according to Cluley: “I realise that Facebook users will only have their personal information accessed if they ‘allow’ the app to do so,” he said, “but there are just too many attacks happening on a daily basis which trick users into doing precisely this.”
“It won’t take long for scammers to take advantage of this new facility, to use for their own criminal ends,” Cluley warned. A rogue app could collect phone numbers to be used by SMS spammers and cold callers, or gather street addresses for use in identity theft crimes.
Over the last year, while user numbers have climbed beyond 500 million, Facebook has been criticised for its handling of user privacy, beginning in January, when Facebook founder Mark Zuckerberg said that users no longer need privacy and want to share.
Since then, it has revamped its security settings, but has admitted that rogue applications already share personal information, with spammers and marketers.
On some measures, Facebook has overtaken Google as the most popular site, and it is seeking ways to capitalise on this popularity. A recent $450 million investment from Goldman Sachs valued the company at $50 billion (£32bn).
Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…
Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…
Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…
Welcome to Silicon In Focus Podcast: Tech in 2025! Join Steven Webb, UK Chief Technology…
European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…
San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…