The possibility of having your identity stolen and then illicitly used is one step closer now the social networking site Facebook has given developers of applications access to the contact information of users who install their applications.

Facebook issued an online statement saying “These permissions must be explicitly granted to your application by the user via our standard permissions dialogs,” Facebook’s Jeff Bowen said. “Please note that these permissions only provide access to a user’s address and mobile phone number, not their friend’s addresses or mobile phone numbers.”

Cyber safety expert and Generation next speaker Susan McLean, warned that young people “need to appreciate and accept that just as in the real world, there are dangers in cyberspace. Remember that cyberspace is permanent. Everything that you write, post and send can be traced and will remain there forever”.

Security experts are now also advising users to remove their personal details from their profiles. Graham Cluley from Sophos Security said “You have to ask yourself – is Facebook putting the safety of its 500+ million users as a top priority with this move? It won’t take long for scammers to take advantage of this new facility, to use for their own criminal ends.”

He added “I realise that Facebook users will only have their personal information accessed if they ‘allow’ the app to do so, but there are just too many attacks happening on a daily basis which trick users into doing precisely this.”

“You can imagine, for instance, that bad guys could set up a rogue app that collects mobile phone numbers and then uses that information for the purposes of SMS spamming or sells on the data to cold-calling companies,” he said.

Writer Helen Splarn. Editor Dr Ramesh Manocha.
Source: Sophos