No announcement yet.

How to Fix Facebook Privacy Issue

  • Filter
  • Time
  • Show
Clear All
new posts

  • How to Fix Facebook Privacy Issue

    Facebook Privacy Setting That Makes Your Identity Vulnerable

    If you pay attention to the security settings in your Facebook profile, you will find a privacy setting that says ‘Who can look me up?’, or "Who can look you up using the phone number you provided?" which has been set to ‘Everyone’ by default.

    This configuration allows you to search anyone just by entering his or her phone number; as a result, the search box in Facebook will display the profile of that person.

    But, Can you imagine, How Cybercriminals can take advantage of this crucial privacy blunder?

    By exploiting this default feature with a simple trick, the researcher was able to link thousands of phone numbers to respective Facebook accounts.
    Moreover, this security flaw in the search facility of Facebook has recently led to data stealing of about 1.5 million Facebook users.

    Moaiandin has alerted Facebook about this serious issue and asked them to make the Facebook APIs pre-encrypted.
    However, the security loophole remains intact, allegedly leaving the social site's 1.44 billion users open to social engineering attacks and identity theft.

    The researcher has contacted Facebook twice since discovering the flaw. Though, Facebook apparently doesn’t consider it a vulnerability that can be abused.

    According to Facebook Security Team, there are controls in place to monitor and mitigate such kind of API abuses.
    The company said it has strict rules that limit how developers could use the APIs and immediate action against anyone who break them.

    How to Fix Facebook Privacy Issue

    Meanwhile, security measures can be taken and you can keep yourself safe from being a victim of such activities.

    For this you can follow some simple steps given below:

    -Do not share your phone number in your profile.
    -Alternatively, Change the ‘default’ settings to ‘Friends only’.

    But, to give it a thought what does a person gain out of this act?

    An attacker with malicious intent could sell the collective database of the ‘personally identifiable information’ in the black market, which can put a users' life at risk.

    Moreover, if you are a victim of such attacks, then you should think of what the hacker’s next step could be! Identity theft, financial losses, malware infections and phishing attack..and what not!