News
Are fake Facebook users putting your business at risk?
According to a study from the University of British Columbia, Vancouver, businesses could be at risk from fictitious Facebook users. They conducted an experiment using fake accounts - complete with realistic names, photos and status updates - and demonstrated how easy it is to steal personal information, including email addresses and phone numbers.
For the benefit of this study, the fake users were actually scripts or "socialbots" programmed to look like real Facebook users. The study revealed that once friend requests were sent and accepted the socialbots had the ability to send connection requests to the friends of those who accepted the initial invitations. Generally, Facebook users are more likely to connect with people they share connections with. This means as the chain continued it became easier for the socialbots to scrape data from more and more Facebook users.
The implication is that as soon as you allow a socialbot access to your computer via a social networking website, such as Facebook or Twitter, your security is compromised and your device is at risk of malicious software or "malware". This means that the data security of those businesses using social media marketing could be at as much risk as individuals using such websites socially.
Results from the university study also showed that the socialbots were very convincing as real Facebook users and the Facebook Immune System, designed to spot fake profiles, was fooled. In fact, only 20% of the fake profiles were blocked when users reported them as spam. The infiltration rate was strong with more than 3000 people falling victim in the eight-week experiment and 250 gigabytes of personal data was gained. Scientists believe that with further refinements the socialbots could infiltrate as many as 80% of Facebook users targeted.
One of the researchers behind the experiment, Yazan Boshmaf, said:
"Overall, our research goal is not to expose Facebook Immune System's vulnerabilities per se, but to help Facebook and the wider community to build more secure systems that are less vulnerable to both human exploits (i.e., social engineering) and technical exploits (i.e., platform hacks)."
In response, Facebook stated that the results of the socialbots in this experiment were unrealistically successful because a trusted university IP address was used. They also claimed that records for their own security systems showed a higher success rate than that given by the researchers and a spokesperson for the social networking company said: "We have serious concerns about the methodology of the research by the University of British Colombia and we will be putting these concerns to them."
The research paper, The Socialbot Network:When Bots Socialize for Fame and Money, is due to be presented at the Annual Computer Security Applications Conference in Orlando, Florida.
For information on how to increase your business's Data Security please call Switch2IT's IT technical support experts on: 0800 0833416.