Facebook CEO Mark Zuckerberg unveiled a raft of changes at this year’s f8 Developer Conference, many of which have left security experts concerned about a rise in Twitter-style spambots as well as targeted cybercrime attacks on users.
New privacy controls, as well as the new Subscribers, News Ticker and Timeline features, have boosted usability and sharing on the social network, but according to BitDefender, the changes could also mean a rise in the number of privacy and security breach incidents.
The company has created a list of the Facebook changes, and the impact they could have on online security:
1. Smart Lists will prompt users to share more information publicly, but will also have the adverse effect of supplying ammunition for targeted attacks.
- Smart Lists encourage people to complete their profile with details of their career, work projects, where they went to school or which city they live in. Every time someone creates a list with colleagues from a specific job, this is tagged in their profile. Of course, this is generally not confidential information, and the user has the final decision on whether to approve or reject the tag. But having this information public and indexable will make it much easier to create sophisticated, targeted attacks. Attackers will be able to find out exactly who is working for a specific company at any given time, their job and, more importantly, what project(s) they are working on. The additional information available to a hacker may lead to an increase in socially engineered attacks on businesses, where hackers attempt to gain access to a company’s network or confidential information by targeting its employees as the point of entry.
2. The Subscribe feature could increase the number of spambots, just like on Twitter.
- The subscribe feature lets Facebook users follow people of interest, much like Twitter. It also allows your updates to be followed by others, even if they are not friends with you on Facebook. But with the introduction of Twitter-like features, BitDefender believes that Facebook users may see an increase in the number of Twitter-like threats and annoyances, too.
- These include spambots and fake schemes that try to lure users in with promises of obtaining more subscribers to their profile page.
3. The Timeline feature means everything you’ve ever shared on Facebook is now available and easy to browse.
- Timeline is a revolution of usability, but it’s also the open story of your life to date on the social network. If the default settings are not changed to restrict who can see your wall, the content will, by default, be available for anyone to see: friends, photos, places you have checked in, relationships and much more.
- It’s important for Facebook users to be aware of this privacy setting when using Timeline, and adjust it accordingly.
4. Health is now social… and public.
- The Facebook timeline considers health information social. While it will be easy to share health-related updates such as breaking a bone, undergoing surgery or overcoming an illness, this information is also set to public by default. While seemingly innocuous, information about health that is shared publicly may risk being exploited for identity theft or social engineering attacks.
5. Widgets open the door to interactive scams.
- With Timeline, Facebook also introduced widgets that live on users’ profile pages, which takes social interaction to a whole new level. Until now, anyone who had an application installed could only interact with other users within the app. Now, the app is on the user’s wall, so anyone who interacts with the user profile can also interact with the app.
- This isn’t a concern for legitimate apps, but the ease with which they can be accessed may lead to fake or scam apps spreading quickly through the social network.