Security experts have advised users to remove their mobile phone and home address details from Facebook, as changes to Facebook’s privacy settings will make it dangerously easy for rogue apps to get access to personal details.
Facebook is now sharing users’ phone numbers and home addresses with third party applications. Malicious applications – which already share Facebook identities – will pass phone numbers and address details to spammers and criminals, according to security expert Graham Cluley of Sophos. The warning is just the latest of several recent privacy warnings about the site.
“We are now making a user’s address and mobile phone number accessible as part of the User Graph object,” Facebook’s Jeff Bowen announced on a developer blog on Friday. This means that when a user adds a new application or service in Facebook, the site will offer to share the user’s details unless told not to do so in a dialogue box.
“Because this is sensitive information, we have created the new user_address and user_mobile_phone permissions,” explained Bowen. “These permissions must be explicitly granted to your application by the user via our standard permissions dialogs.”
However, the dialogue is not explicit enough, according to Cluley: “I realise that Facebook users will only have their personal information accessed if they ‘allow’ the app to do so,” he said, “but there are just too many attacks happening on a daily basis which trick users into doing precisely this.”
“It won’t take long for scammers to take advantage of this new facility, to use for their own criminal ends,” Cluley warned. A rogue app could collect phone numbers to be used by SMS spammers and cold callers, or gather street addresses for use in identity theft crimes.
Over the last year, while user numbers have climbed beyond 500 million, Facebook has been criticised for its handling of user privacy, beginning in January, when Facebook founder Mark Zuckerberg said that users no longer need privacy and want to share.
Since then, it has revamped its security settings, but has admitted that rogue applications already share personal information, with spammers and marketers.
On some measures, Facebook has overtaken Google as the most popular site, and it is seeking ways to capitalise on this popularity. A recent $450 million investment from Goldman Sachs valued the company at $50 billion (£32bn).
Fourth quarter results beat Wall Street expectations, as overall sales rise 6 percent, but EU…
Hate speech non-profit that defeated Elon Musk's lawsuit, warns X's Community Notes is failing to…
Good luck. Russia demands Google pay a fine worth more than the world's total GDP,…
Google Cloud signs up Spotify, Paramount Global as early customers of its first ARM-based cloud…
Facebook parent Meta warns of 'significant acceleration' in expenditures on AI infrastructure as revenue, profits…
Microsoft says Azure cloud revenues up 33 percent for September quarter as capital expenditures surge…