By John Jaser
Evidence is mounting that Facebook – the most widely-used web experience in America – could be tripped up by privacy issues and cyber crime, even while it grows to gigantic proportions.
Facebook is now used by 7 percent of the world’s population (500 million users). Marketing books on social media are selling like iPhones. Some banks even have a presence on Facebook.
Why not? Facebook serves 260 billion pages per month, more than Google or any other website. Half of all Facebook users log in on any given day and share more than 1 billion links, news, blog posts, videos, photos, music and more. No wonder prominent media pundit Steve Harmon recently suggested that Facebook might beat Google’s lock on Internet search by launching its own search function.
But that’s only one side of the Facebook story. The other side reveals an ongoing war between the company and the more sensitive members of its burgeoning user base.
Changes to privacy settings late last year set off a wave of angry blog posts which have yet to subside. More recently, The Wall Street Journal reported that Facebook was sending user names to advertisers when users clicked on ads – a practice that has attracted Federal Trade Commission attention as well as angry user response.
Disgruntled users and energetic regulators aren’t the only people interested in Facebook’s treasure trove of personal information. Cyber criminals are right behind them, piecing together details to refine their general phishing activities into “spear phishing” attacks – one of the fastest and most deadly forms of cyber crime.
Using personal details gathered from publicly available websites, today’s cyber criminals can take aim at specific individuals and dramatically increase the attack’s success. The Anti-Phishing Working Group reports a substantial increase in phishing attacks focused on high value targets, such as personnel with treasury authority.
Is it any wonder that major corporations have begun to deploy policies that prohibit employees from participating in blog discussions and social media sites? Even when employees are off premises, companies insist that their employees are still bound by the company’s confidentiality policies.
Perhaps such policies are draconian, but they might be increasingly necessary responses to the dangers of personal information now available on social media sites to marketers and cyber criminals alike.
In 2005, Facebook users could view each others’ personal information only if they belonged to at least one group specified by the user. By December 2009, publicly available information on Facebook included the user’s name, profile photo, list of friends and pages the user is a fan of, gender, geographic region and member networks. Third-party search engines had access and were actively indexing every bit of it. If you have any doubt, visit www.youropenbook.org.
Given this level of information available to the general public, it’s no wonder that cyber crime remains a growth industry. The Internet Crime Complaint Center recently reported that Americans lost about $559 million to Internet thieves in 2009 – more than twice the 2008 figure, when $268 million was stolen over the Internet.
Perhaps that explains why Google Trends recently reported that “delete facebook account” was the ninth most popular U.S. request. I believe there’s more going on at Facebook than meets the
eye, and that financial institutions should watch carefully.
John Jaser manages Internet Services and Security at Avon, Conn.-based COCC, Inc., (www.cocc.com), a 43-year-old firm specializing in outsourced information technology and support.