Rogue Facebook apps can now access your home address and mobile phone number
January 16, 2011 by admin
Filed under Security News
In a move that could herald a new level of danger for Facebook users, third party application developers are now able to access your home address and mobile phone number.
Facebook has announced that developers of Facebook apps can now gather personal contact information from their users.
I realise that Facebook users will only be allowing apps to access this personal information if they “allow” the app to do so, but there are just too many attacks happening on a daily basis which trick users into doing precisely this.
Facebook is already plagued by rogue applications that post spam links to users’ walls, and point users to survey scams that earn them commission – and even sometimes trick users into handing over their cellphone numbers to sign them up for a premium rate service.
Now, shady app developers will find it easier than ever before to gather even more personal information from users.
You have to ask yourself – is Facebook putting the safety of its 500+ million users as a top priority with this move?
Wouldn’t it better if only app developers who had been approved by Facebook were allowed to gather this information? Or – should the information be necessary for the application – wouldn’t it be more acceptable for the app to request it from users, specifically, rather than automatically grabbing it?
It won’t be take for scammers to take advantage of this new facility.
My advice to you is simple: Remove your home address and mobile phone number from your Facebook profile now. While you’re at it, go through our step-by-step guide for how to make your Facebook profile more private.
By Graham Cluley @ nakedsecurity.sophos.com
How to clean-up your profile after a Facebook survey scam By SOPHOS
December 20, 2010 by admin
Filed under Security Channel
Never Texting Again: Facebook rogue app spreading quickly
July 8, 2010 by admin
Filed under Security News
Updated Over 290,000 people have in the last few days clicked on a link that is spreading virally across Facebook, claiming to point to a video of someone who died after sending a text message on their cellphone.
The links are being posted on innocent Facebook users’ walls by a rogue application. A typical message posted by the rogue application reads:
I am shocked!!! I'm NEVER texting AGAIN since I found this out. Video here: http://bit.ly/a37TaB - Worldwide scandal!
If you do make the mistake of clicking on the link then you are taken to the rogue Facebook application
The problem is that even though Facebook is warning users that they are giving the “I will never text again after seeing this” application permission to post to their wall (as well as access their personal information) many people are still go ahead and press “allow”.
Why should you ever have to grant an application such permissions in order to watch a video?
Sigh.. Sometimes you just feel like you’re hitting your head against a brick wall..
Sure enough – with the permission granted, the application begins to spread its links virally via your Facebook profile:
I'm Never Texting Again Since I Found This Out
<name> has seen a shocking video, which shows someone dying because of texting
Properly cleaning-up your account after you have given permission for the rogue application to access your Facebook account takes two steps. But I’ll throw in a third for good measure.
1. Remove the application
Firstly, visit your Application Settings on Facebook and click on the “X” to remove the app from your profile.
You will be asked to confirm if you really want to remove it. Obviously the correct answer is to go ahead and remove it.
2. Clean-up your wall
With the application gone, you now need to clean-up your own wall – and stop advertising the link (and rogue application) to your online friends. Hovering your mouse over the posts on your wall should display a “Remove” option which will allow you to sanitise the news feed you are sharing with others.
3. Get smart
There are only two things you need to do to clean-up your Facebook account, but I’d recommend you get yourself educated about internet threats too, so you’re wise to these sort of attacks in the future. If you’re regular user of Facebook, you should really join the Sophos page on Facebook to be kept informed of the latest security scares and attacks.
