COMMENTARY | Noah Brier

Facebook Spam and Not Giving Sites Your Login/Pass

August 20, 2008

<rant>

Today I got some Facebook spam. It's the first time it's happened, it came from a friend and it ended up on my wall. After Twittering about it, Ray pointed me towards these posts on the Facebook blog. So it looks like the problem lies in people giving their username/passwords out to random sites with promises of apps (or something). These sites then take control of a user's account and send out a barrage of spam.

Okay, now for the rant. Part of the reason this is happening is Facebook's own fault (as well as that of a lot of other parties). Part of the way these sites have expanded at the speed they have is by asking people to enter their email username/password, then crawling their contact list and showing users or sending out invites accordingly. By encouraging this kind of behavior, Facebook makes it seem okay to give a site (even one you trust) your username and password, which it shouldn't be. Ever. Period.

OAuth attempts to solve this problem by bouncing you over to the other site for approval, rather than asking for the login info. Google has implemented a version of this, but it's still not being used by many sites (the only integration I've seen is Dopplr).
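The difference described above, as an added example that is not part of the original post: a toy provider in which a site holding the password can act as the user, while a site holding a delegated token is limited to what the user approved on the provider's own page. It is a simplified model, not the OAuth wire protocol, and every name, scope and credential in it is constructed.

```python
import hmac
import secrets

class Provider:
    """Toy mail provider; accounts, scopes and data are constructed."""
    def __init__(self):
        self._passwords = {"alice": "correct-horse"}
        self._contacts = {"alice": ["bob@example.com", "carol@example.com"]}
        self._tokens = {}   # token -> (user, granted scopes)
        self.outbox = []    # (sender, recipient, body)

    def _check(self, user, password):
        if not hmac.compare_digest(self._passwords.get(user, ""), password):
            raise PermissionError("bad credentials")

    def _issue(self, user, scopes):
        token = secrets.token_urlsafe(16)
        self._tokens[token] = (user, frozenset(scopes))
        return token

    def login(self, user, password):
        """Password login: whoever holds the password gets every permission."""
        self._check(user, password)
        return self._issue(user, {"contacts.read", "mail.send"})

    def approve(self, user, password, scopes):
        """Runs on the provider's own page; the third party only sees the token."""
        self._check(user, password)
        return self._issue(user, scopes)

    def _require(self, token, scope):
        user, scopes = self._tokens.get(token, (None, frozenset()))
        if scope not in scopes:
            raise PermissionError(f"{scope} not granted")
        return user

    def read_contacts(self, token):
        return list(self._contacts[self._require(token, "contacts.read")])

    def send_mail(self, token, to, body):
        self.outbox.append((self._require(token, "mail.send"), to, body))

    def revoke(self, token):
        """The user can withdraw one site's access without changing the password."""
        self._tokens.pop(token, None)

def can_send_as_user(provider, token):
    """True if this token lets its holder send mail from the user's account."""
    try:
        provider.send_mail(token, "bob@example.com", "constructed test message")
        return True
    except PermissionError:
        return False
```

A site given the password has to be trusted with everything `login` grants; a site given the token from `approve` can import contacts and nothing else, and loses even that on `revoke`.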

Now Facebook isn't alone in this one. Every social site has a feature like this where they ask for email usernames and passwords. This is bad for business.

</rant>

Tags: facebook, security, socialnetworking


COMMENTS

1. Russell Fisher

If you can rant, so can I...

I couldn't believe this has been happening to me as well. The Apps issue was too MySpace to begin with. I have had to turn off or limit the profile of every friend that signed up with too many weird apps and now puts crazy messages on my wall (or sends me a virus through the messaging system).

Rant over, but seriously. Facebook was supposed to be the cleaner, better version of social networking. More and more add-ons damage the product and dilute their differentiation.

August 21, 2008

2. Mitchell Dominguez

Every day or every other day we seem to get another Facebook "security blip", or is it "blop"? My partner and I are On-Line Access-Privacy-Security Specialists for small businesses and solo online home business operators. Facebook is without a doubt one of the least secure online Web 2.0 social networking sites I have ever seen. It's an outright fiasco. Just DROP IT OUTTA YOUR LIFE!
There are other more SECURE ways TO MAKE "REAL FRIENDS" or promote your business online. Here's the "real deal". When your accounts on these social networking sites are compromised it's more than SPAM coming your way. There are only 2 things you really have to worry about.
Hackers have 2 goals.
1. Turn the compromised computer into a SPAM BOT. That means your PC/Laptop will now be sending out spam to everyone in your email address book. Get compromised real bad and your ISP will notify you that they are terminating service because you have been identified as a spammer. "No S--T Sherlock".
Just helped two sweet little old ladies get their account back so they can continue running their home based needle point business and blog.
2. KEYLOGGER Software can and will be downloaded into your PC for the main purpose of hacking your credit card #'s, private passwords, online banking info. Anything you type on your keyboard will be recorded and sent back to the hackers. My research shows 80% of keyloggers are UNDETECTABLE by your anti-virus anti spyware defenses. I won't even go into how ineffectual Norton/Symantec and McAfee really are.
This is what can truly happen to you with these security breakdowns on social networking sites. Never Ever give up your ID and access passwords. I signed up for a Facebook acct. to test promoting our 100% guaranteed Anti Keylogger Software. I only put down a work profile, lied about my age, (never ever give your real age or birthday out, people, Geez).
I only go into my Facebook account to test and see how much phony "friending" occurs and how much spam gets into my inbox.
"Drill Down" thru Web 2.0 networks and find the ones who cater to your interests and not just looking to "friend" everyone on the damn planet.
Cyber space is like the Wild-Wild-West of the 1800s in America. See, when your PC gets compromised by giving up email/access passwords the bad guys/gals now have access to your very LIFE.
My own personal online "friending" policy is this. I only "friend" those who have a Webcam and are willing to communicate via oovoo.com or tokbox.com etc. etc. Hey, I want to be able to talk to and see my "friends". That's social networking done on a very real level. Try it, you just might find you'll like it.
And never ever give up your email/passwords or anything remotely like that just because you want something for FREE. Usually Free costs you a whole lot.
Mitchell Dominguez (Over n Out)

August 21, 2008

3. Erica

Wow, I hadn't realized spam had spread into Facebook walls... Jeez. I don't use my Facebook that much, but now, I'll be even less likely to make use of it. Thanks for the post!

August 21, 2008

4. Ray

Good points. One of the major reasons why I stopped adding apps in Facebook was due to the fact that the check box "allow this application to access all your data" made me cringe. You have no control or information on what the application is going to access... I'm definitely looking forward to standardized controls and protection.

August 22, 2008