 |
Privacy and Crime Tripping Up
Facebook
By John Jaser,
Internet Services Manager |
Evidence is mounting that
Facebook – the most widely-discussed web
experience in America – could be tripped up by
privacy issues and cyber crime, even while it
grows to gigantic proportions.
Facebook
now serves pages to 7% of the world’s population
(500 million users). Marketing books on social
media are selling like iPhones. Some banks even
have a presence on Facebook.
Why not?
Facebook serves 260 billion pages per month,
more than Google or any other web site. Half of
all Facebook users log in on any given day and
share more than 1 billion web links, news, blog
posts, videos, photos, music and more. No wonder
prominent media pundit Steve Harmon recently
suggested that Facebook might beat Google’s lock
on Internet search by launching its own search
function.
But that’s only one side of
the Facebook story. The other side reveals an
ongoing war between Facebook and the more
sensitive members of its burgeoning user base.
Changes to privacy settings late last
year set off a wave of angry blog posts which
have yet to subside. More recently, The Wall
Street Journal reported that Facebook was
sending user names to advertisers when the users
click on ads – a practice that has attracted
Federal Trade Commission attention as well as
angry user response.
Angry users and
energetic regulators aren’t the only people
interested in Facebook’s treasure trove of
personal information. Cyber criminals are right
behind them, piecing together details to refine
their general phishing activities into ‘spear
phishing’ attacks – one of the fastest and most
deadly forms of cyber crime.
Using
personal details gathered from publicly
available web sites, today’s cyber criminals can
launch phishing emails to specific individuals
that dramatically increase the attack’s success.
The Anti-Phishing Working Group reports a
substantial increase in phishing attacks focused
on high value targets, such as personnel with
treasury authority.
Is it any wonder
that major corporations have begun to deploy
policies that prohibit employees from
participating in blog discussions and social
media sites? Even when employees are off
premises, companies insist that their employees
are “still bound by the company’s
confidentiality policies.”
Perhaps such
policies are draconian. But they might be
increasingly necessary responses to the dangers
of personal information now available on social
media sites to marketers and cyber criminals
alike.
The following chronology
highlights the rapid unveiling of Facebook
information about its users:
In 2005,
Facebook users could view each others’ personal
information only if they belonged to at least
one group specified by the user. Two years
later, ‘public information’ on Facebook included
the user’s name, school (Facebook started as a
service for college students), and profile
photo.
By December 2009, publicly
available information on Facebook included the
user’s name, profile photo, list of friends and
pages the user is a fan of, gender, geographic
region, and networks. Third-party search engines
had access and were actively indexing every bit
of it. If you have any doubt, visit
www.youropenbook.org.
Given this level
of information available to the general public,
it’s no wonder that cyber crime remains a growth
industry. The Internet Crime Complaint Center
recently reported that Americans lost about $559
million to Internet thieves in 2009 – more than
twice the 2008 figure, when $268 million was
stolen over the Internet.
Perhaps that
explains why Google Trends recently reported
that “DELETE FACEBOOK ACCOUNT” was the ninth
most popular U.S. request. I believe there’s
more going on at Facebook than meets the eye,
and that financial institutions should watch
carefully.
|
