The Sophos Facebook ID Probe

The good people of Sophos, a popular security company, are warning users of social networks of the dangers of allowing strangers to gain access to their online profiles.

Sophos fabricated a Facebook profile for a "Freddi Staur" (an anagram of "ID Fraudster") and then sent out 200 friend requests. They wanted to see how many people would respond and how much personal information could be gleaned from the respondents.

Here are the results:

  • 87 of the 200 Facebook users contacted responded to Freddi, with 82 leaking personal information (41% of those approached)

  • 72% of respondents divulged one or more email address

  • 84% of respondents listed their full date of birth

  • 87% of respondents provided details about their education or workplace

  • 78% of respondents listed their current address or location

  • 23% of respondents listed their current phone number

  • 26% of respondents provided their instant messaging screenname

  • "Freddi may look like a happy green frog that just wants to be friends, but actually he's happy because he's just encouraged 82 users to hand over their personal details on a plate," said Graham Cluley, senior technology consultant at Sophos. "While accepting friend requests is unlikely to result directly in theft, it is an enabler, giving cybercriminals many of the building blocks they need to spoof identities, to gain access to online user accounts, or potentially, to infiltrate their employers' computer networks."


    Newest 4
    Newest 4 Comments


    What's to buy? What am I giving up simply by being on Facebook? The only thing social networking is selling is its audience; they are selling my page views to the advertisers.

    And since your comment was a troll in the first place, I'll go on to say that you obviously don't understand the point of social networking. Sure maybe some people get off on having the most friends or joining the most clubs or whatever, but they're going to do that sort of thing whether or not there are online sites for it. I don't think that anyone confuses online social networking with real-life face to face social networking, AKA making friends, chilling out, or doing any of the endless activities that people do together.

    Except you.
    Abusive comment hidden. (Show it anyway.)
    If you are shallow enough, vain enough, or stupid enough to buy into the whole social networking concept, you ARE the "sucker" PT Barnum was talking about, and deserve whatever scams fall upon you.
    Abusive comment hidden. (Show it anyway.)
    Login to comment.

    Email This Post to a Friend
    "The Sophos Facebook ID Probe"

    Separate multiple emails with a comma. Limit 5.


    Success! Your email has been sent!

    close window

    This website uses cookies.

    This website uses cookies to improve user experience. By using this website you consent to all cookies in accordance with our Privacy Policy.

    I agree
    Learn More