Home
Book Reviews
Credit Card Fraud
Credit Reports
Definitions
New Pages
News (EU)
News (UK)
News (USA)
Online
Phishing
Prevention
Statistics
Top 10 Tips
Useful Websites
Your Stories
Legal Notice

[?] Subscribe To This Site

XML RSS
Add to Google
Add to My Yahoo!
Add to My MSN
Subscribe with Bloglines

Is Facebook Identity Theft Possible?

Be sure to keep reading to the end of the page to see our latest updates. Is it possible to do some sort of Facebook identity theft and what benefit might a criminal get from using the site?

As social networking sites become more and more popular, the amount of information displayed about an individual online increases.

However, as you may know, MySpace and Facebook differ significantly. MySpace seems to be used on a more professional basis by those in the entertainment industry. People, bands or DJs that have their own show, song or gig to promote seem to be everywhere in MySpace. For some, it seems to be a very low cost but high return way to build a buzz around them.

Facebook is different though. Since it is not possible - at least yet - to 'Pimp My Profile' and add music, videos and other images, the entertainment industry seems to not be getting involved.

Instead, the experience of your author shows that Facebook is instead being used by an ever expanding group of young, upwardly mobile professionals. These are the types with office based careers who would probably not want to be seen to be too wild to the outside world.

Since the site appears to have a different type of user, the information displayed is also different. For example, many people happily display their date of birth and details about their educational and employment backgrounds. This is because the site seems to be some sort of quasi dating site with the potential for job hunting thrown in.

These details can only be viewed by your connections, but that still could open the way for the potential of identity theft.

Being a member of a geographical 'network' also puts users at additional risk. Other members of the same network are able to view some personal profile details of others that they are not otherwise linked to. This may not sound too risky, but in big cities, this opens a profile up to a LOT of people.

The London network - for example - is at the time of writing the largest in the world with well over 1 million people. Why give all these random and unknown people access to your information? (This level of access has since changed).

As is discussed elsewhere on this site, for an identity thief to begin their work, they need very few pieces of information. Once they have found out a person's full name, date of birth, address, telephone number and social security number, there are many low level crimes that can be committed. Store cards can potentially be applied for or other basic identification documents can be applied for.

By displaying a number of these details online, an individual opens themselves to potential problems. When combined with a little background information which can be found on the site (place of study, hometown, type of job and employer) the task of impersonating a victim becomes much easier.

It is possible to switch off a number of features by using the site's privacy settings and this is a good thing to do. Of course, much better would be to put less information in a profile...

The introduction of Beacon by Facebook in 2008 altered the way in which personal information was gathered by the company. However, a semi-revolt by users forced the company to change approach and improve the potential privacy functions considerably.

As such, it is now possible to limit the amount that each 'friend' can see and whether your profile appears in search engine listings. Every user should be using these functions.

If you would like to keep updated about the latest changes in Facebook and it's policies, there is a Facebook site governance page. This page is used to gauge the thoughts of users to planned changes.

Update - November 2009: Facebook will start using your photos in ads that will appear on the profile page of your contacts. It is legal and is mentioned in the fine print when you create your account. If you want to prevent this, do the following: Settings, Privacy Settings, News Feed and Wall. Then click the Facebook Ads tab, choose "No one" and save changes.

The moral to this story, is that we should all be careful what personal information is displayed about us online. Otherwise, we may inadvertantly enable Facebook identity theft to be possible.

If all this fails to convince you that there are potential risks online to using social media websites, this story about a young man in Wisconsin that used Facebook for blackmailing his fellow students at school ought to provide pause for thought...

Update - December 2009: A survey by IT security firm Sophos looks at the use of Facebook and how much information is available. The results of this study are pretty scary from the standpoints of personal privacy and identity theft prevention.

Update - February 2010: Some research published shows just how many Human Resources professionals and recruiters use social networking sites to research candidates before they make a decision to hire or not. Knowing that 41% in the UK and around 70% in the US - amongst others - use such tactics ought to provide pause for further thought before "that" photo is posted and tagged...

An agency of the European Union, ENISA, has published this paper containing recommendations for online safety measures for consumers. If you have any concerns - and we all ought to have - we recommend that you read the position paper.

Also in February 2010 was Safer Internet Day organised by the European Commission to highlight the risks people - and specifically as a part of this campaign, children - take when posting personal details and information on social networking websites.

As if to highlight the potential problems that can be caused by a social network, this story by the BBC about Google Buzz - which was launched in February 2010 - shows the possible risks.

Update - March 2010: It seems that Facebook users have been hit by a massive phishing scam - people trying to obtain passwords and login IDs. It is reported on by CNN here . Should you receive the message, just delete it.

CNN also reports that a quarter of UK kids have tried hacking. It seems that this is mostly low skill things like guessing passwords into other people's Facebook and email accounts. Reassuring, huh?

Update - April 2010: The negative 'buzz' and discussions in US Congress surrounding Google Buzz and it's privacy policy are being addressed. As this BBC article explains, the Terms and Conditions are being altered (starting 5th April) to better protect users.

This CNN article reports on a current attempt to con Facebook users from their personal details by offering US$500 WholeFoods vouchers.

On 24th April, the following instructions started to do the rounds about Facebook Privacy Settings: As of today, Facebook has a new built-in application called "Instant Personalization" that shares your personal data with non-facebook websites for advertising purposes. It is automatically set to "allow." To disable it and protect your personal info, go to Account > Privacy Settings > Applications and Websites > Instant personalization and uncheck "Allow."

Also in the news in April is social networking site Bebo. According to this story on the BBC, it seems that it is important which social network you join and invest time into. If a site closes, what happens to user information then? And almost as importantly, what a waste of time for users that have built profiles and invested their spare time in building their personal network!

Update - May 2010: Is a Facebook backlash beginning? This post is proving to be wildly popular and explains some of the issues many people have with the way that Facebook conducts itself with regards to individual privacy and business. An enlightening read!

As the month rolled on, the controversy about the new Facebook privacy rules grew. They changed rules and the problems rolled along. This post from Mashable's Pete Cashmore explains more and this story about the risks of indiscreet Twittering proved interesting.

Update - July 2010: More news on the potential problems with social media. We have previously heard of people not being hired because of social media. However, this CNN editor was fired because of a public reaction against a post made on Twitter. Read the BBC story here .

More reports this month relating to Facebook include the concept of total saturation of their markets in developed countries. This story on CNN suggests that the growth in new users on Facebook is starting to slow in countries with high internet connectivity rates. In other words, perhaps everyone that wants an account now has one?

Also in July, it was announced that Facebook pages will have a "Panic Button" aimed at protecting children and teenagers on the site. The BBC reports on this big development in social media here . This really is a big development because until this, it has always been presumed that social media users can "look after themselves", but this is a tacit admission that there are bad people online - (just as there are good people as well!) and that we may need help to be protected from those bad people.

Important - Please Read: Also in July 2010 (on the 28th) news broke that 100 million Facebook profiles have had details harvested and are downloadable on a file on torrent websites! This is - apparently - only public information (listed in search engines etc), but still, to be available as one file is rather shocking. While this seems to be an ethical hack (designed to highlight flaws) it may open up new avenues of attack for identity thieves. Be sure to review and increase your privacy settings immediately.

Update - August 2010: The new like button seems to be coming in for abuse. It seems that there is a new dislike button that is being shared and spread but has malicious perposes. This CNN article explains how the article is spreading itself virally to friends of friends across Facebook. The button itself does not seem to be harmful, but weaknesses like this can be opportunities for criminals.

Also in August, this story on Mashable explains how a class action lawsuit has been filed in Los Angeles against Facebook. This relates to the way in which photographs (more specifically, of minors) have been used on the network via the like button. While not related to identity theft, this is in the very closely related area of the privacy and rights of users. It will be very interesting to see how this subject develops.

To read more about related subjects, please follow these links:

MySpace Identity Theft

Wireless Identity Theft

Online Identity Theft

Password Security Tips

Identity Theft Risks

Combat Identity Theft

Organised Internet Crime

Do You Have A Story About This?

Have you had experience of identity theft or some other form of personal information problem while using Facebook or other Web 2.0 properties? Please share it with us so that we can all learn.

Enter Your Title

Tell Us Your Story [ ? ]

Upload 1-4 Pictures or Graphics (optional) [ ? ]

Add a Picture/Graphic Caption (optional) 

Click here to upload more images (optional)

Author Information (optional)

To receive credit as the author, enter your information below.

Your Name

(first or full name)

Your Location

(ex. City, State, Country)

Submit Your Contribution

Check box to agree to these submission guidelines.


(You can preview and edit on the next page)

What Other Visitors Have Said

Click below to see contributions from other visitors to this page...

Contacts disappearing in both facebook and email accounts  starstarstarstarstar
My Facebook Friends, email contact lists from TWO different accounts have all been deleted, while a phishing scheme went out to my contacts that I had ...

Someone is using my facebook account  Not rated yet
I have recently found someone has been using my facebook profile to send rude and foul messages to my Facebook friends using facebook/mobile.

Editor'...

Identity Theft on MySpace and Facebook  Not rated yet
I have an Identity Theft tip for parents and students on the internet.

There is a free online class on how Facebook and Myspace users can protect themselves ...

Someone has set up a fraudulent Facebook profile of me   Not rated yet
Somebody opened a facebook page using my photo and some of my personal information from my official facebook page (of which the profile picture can easily ...

I am so upset  Not rated yet
I used not to have a facebook account. I have mortal fear of identity theft so I don't post pertinent information about myself and I did not ever personally ...

Identy theft from facebook  Not rated yet
I was compromised in Facebook, someone used my email and was able to use the same pages as mine. It wasn't pretty, I kept getting emails from people saying ...

Computer hackers using Facebook  Not rated yet
Four people, ALLEXANDRE KEVIN,JORDANE BERTHE, EMILIE MERCIER and ALEXANDRE VAUGEOIS hack your whole computer information by sending you a friend request ...

Someone else's name came up instead of me  Not rated yet
While trying to enter my profile (first time ever on facebook) I entered my email address and someone else's name and birthdate popped up. I'm assuming ...