Search

Subscribe to ProtectMyID Blog via RSS

Rss Posts

Rss Comments

Welcome to the ProtectMyID Blog

Lessons and stories from the front lines of fighting identity theft.

 

A friendly face can end up being a not so friendly invite

Jan 29

Freddi Frog

Did you know that two years ago, the people at the Internet security company Sophos created a Facebook profile for a fictional character named Freddi Staur?  Judging from the character’s appearance, you’d probably find Freddi to be cute and charming in a Barney kind of way but green instead of purple.  However, just from appearances alone, would you trust a humble looking green frog?

Sophos had created the character to test a proposition among social networkers to study what percentage of people would respond to Freddi’s “friend” requests and how much personal information they would divulge?  It turned out quite a bit.

According to Sophos experiment, 87 of the 200 Facebook users responded to Freddi’s friend request, while 82 of them leaked some sort of personal information. Of those sharing sensitive information, 84 percent divulged a full date of birth, 87 percent provided details about their workplace or education, and 78 percent listed a current address or location.  This information is enough to commit major identity theft related crimes.

Fast forward to two years later and so little has changed when Sophos reprised its earlier experiment with different fictional characters.  Of the 100 Facebook users, 89 percent shared their date of birth and 74 percent shared their college or workplace information.

The lesson here is if you’re going to maintain an online presence on Facebook or any similar site, it’s best to think through your privacy settings.  Furthermore, be careful with whom you become friends and never divulge sensitive information if it’s not necessary.  It’s better to be extra cautious or you could be the one who ends up turning green if your identity is stolen from a friend invite.

8 Comments Add your comment

  1. Tara
    Jan 29 at 13:38

    I have a FB account and I tend to accept invites from people I don’t really know based on their pics alone. Real informative and makes me re-think who I accept to view my profile.

    [Reply]

    ID-Alvin Reply:

    Hello Tara! Thank you for your response and we are glad this entry was thought provoking for you. We hope you pass this information along to your FB friends.

    [Reply]

  2. jenny b
    Jan 29 at 15:43

    i totally agree with you, my privacy settings on FB are very strict.

    [Reply]

    ID-Alvin Reply:

    Hello Jenny! It’s good to know you are being proactive to protect your online presence : -)

    [Reply]

  3. Robert
    Jan 31 at 02:15

    Very informative – I like this!

    [Reply]

    ID-Alvin Reply:

    Great! We are glad you liked this one. Pass this information along to your family and friends.

    [Reply]

  4. Scott
    Feb 01 at 13:46

    Hackers recently used this same technique to hack into Google.

    “The Financial Times reported Monday that the hackers who hit Google focused on employees who had access to proprietary data, then targeted their friends on social networking sites. The hackers were able to take control of the social network accounts of those friends with the aim of sending the targeted employees malicious e-mails from these trusted sources.”

    Source: http://www.wired.com/threatlevel/2010/01/hack-for-oil

    [Reply]

    ID-Alvin Reply:

    Hello Scott! Thanks for the feedback. An interesting article and good to know.

    [Reply]

Post a comment

Note: ProtectMyID.com takes your privacy seriously. In order to post comments on this Blog Site you will be required to provide your name and email address for verification purposes only. This information will not be shared, sold or used for marketing purposes. Confidential, private or credit information should not be posted to this Blog Site at any time. Children under the age of 13 are not permitted to post comments to this Blog Site.