The other face of Facebook

  • Published
  • By John Garbelotti
  • Joint Information Operations Warfare Center OPSEC Support
LACKLAND AIR FORCE BASE, Texas --  It seems that Facebook is so popular today that my high school age kids are now calling it "Loserbook". To me, ridicule by a teenager simply verifies that Facebook has reached the main stream of today's society. With recent growth in Facebook's popularity and the change in Department of Defense Facebook policy, it's a great way to boost morale by making communication with friends and family easier and quicker. Used smartly it serves that purpose well. But what about the other face of Facebook?

According to a Facebook press release there are more than 400 million active Facebook users. Of these 400 million, 50 percent of them are actively on Facebook daily. But Facebook is not just an American phenomenon; it is a worldwide one, as 70 percent of these accounts are from outside the US. With the average user having 130 friends, it makes you wonder how likely is it that the picture you posted of yourself in Vegas (maybe what happens in Vegas doesn't always stay in Vegas!) will appear on a computer screen in Macau or worse?

In addition, Facebook statistics show more than 1 million developers and entrepreneurs from more than 180 countries have created platform applications for Facebook, with over 550,000 apps currently in use. 70 percent of all users engage these apps monthly. In addition there are more than 200 additional mobile operators that are deploying Facebook mobile products, of which more than 100 million users employ. OK, so what's the big deal? How can this world-wide use of a social networking site be used against me?

Well, where do you want to start? Loss of personnel data, for use from everything from identity theft to social engineering, is a one of the largest threat areas. In fact, stolen Facebook accounts are currently on sale in high volume on the black market. The market for social network accounts stretches from here within the United States to Eastern Europe. The purchasers of these accounts then use them to send spam, distribute malicious programs and run identity fraud. The cost? Bundles of 1,000 addresses run from $25 to $45 depending on how many friends each account has, according to Riva Richmond in the May 2 article "Stolen Facebook Accounts for Sale" on NYTimes.com. We've all got those emails from the Nigerian prince that we ignore, but what if it's a request from your aunt on Facebook who says that she's stranded overseas and needs money? People have already been tricked by this ruse. Instead of confirming that your aunt is really in need, they trust Facebook because, previously, they accepted her as a friend and it's her picture and profile. So it must be her. Not realizing the potential threat or taking countermeasures to validate your aunt's needs could, and has, cost people cash.

Of course this Facebook scam is only one of many to separate you from your hard earned cash or property. Recently, criminals have been using social networking sites to find out if you're out of town. Pictures you post often provide them with an idea of the valuables they can target; and, it's not a picture you post of your new big screen TV that is the only issue, but also what detail can be brought out from the background. Think that the criminal is the only one profiting from your posts?

Even the insurance companies are catching on. According to a May 6 article on AOL titled "Never say this on Facebook or Twitter," a company in New England is considering raising premiums for homeowners with Facebook and Twitter accounts as their postings put them at higher risk of theft.

Spreading of malware is another potential area of risk. Data mined from Facebook accounts that share with everyone can be used to create fake accounts using pictures and other identifying information. Already having that persons list of friends, this false account can then re-invite you to be a friend, for whatever reason. Once you accept, opening links they send you can install malware on your computer for whatever end, says Rik Ferguson in his March 1 blog "New Variant of Koobface worm Spreading on Facebook".

Understanding the risks you face from a personal standpoint is just a beginning, and we haven't touched on how employers and schools can use your sites to find out more about you than you may want them to know (Again remember what happens in Vegas doesn't always stay in Vegas thanks to social networking sites). But what you post may also have more dire impacts on your professional life.

Take the case of the Israeli soldier who posted an update on an upcoming raid on his Facebook account. Details included the name of his unit, place of the operation and the timing. Luckily his posting was reported by his Facebook friends to the Israeli military authorities prior to the raid, and the operation was canceled. In this case valuable information the enemy could have used to defeat the operation was freely available, hadn't the Israeli military acted first. The offending soldier was court-martialed and sentenced to 10 days in prison, according to Robert Mackey in the March 3 blog titled "Israeli Raid Canceled After Facebook Leak". Granted, this article has just scratched the surface on how Facebook and other social networking sites can be used for nefarious ends.

But realizing that they have another face other than the easy to communicate and share with your friends and family is important to understand. Reviewing your privacy settings, being careful of who you "friend," watching what you post and not blindly opening links or downloading apps can prevent this other face from effecting you. Being aware of the threat and using social networking sites smartly can make the face of Facebook a pleasant one.