What better place to steal identities than breaking into a site housing over 175 million of them...
In all honesty, aren’t we surprised this hasn’t happened sooner…?
The Beeb is reporting social networking king site (seems a safe title these days) Facebook has faced no less than five separate security alerts in the last seven days. The format of the attacks are said to be fairly similar: phishing with fake messages that are given an air of authenticity by layering them with data from aspects of publicly available user profiles.
Four of the five attacks then install malicious applications, the other comes via a new variant of the Koobface virus which hit the site in December last year. All have the same goal: attempt to attain profile data which can be used in identity fraud and sell it. Common tricks include requests for help from fellow members and rogue applications which aim to report back valuable data from the user and their friends such as complete DoBs, addresses with post codes and even family and pet names which are commonly used in passwords.
At this stage it is reported the applications are largely at a proof of concept state but vigilance is promoted. As is the basic intelligence not to join a huge network such as ‘London’ and leave all these bits of data lying around. Think: if hackers are willing to go to lengths to get such information then why are you sharing it en masse in the first place?
Of course Facebook is attempting to stamp out these malignant apps and intends to begin a large scale user education programme. If you’re reading this however you’re already one significant step ahead…
via BBC News