Get Tech Support Now - (818) 584-6021 - C2 Technology Partners, Inc.

Get Tech Support Now - (818) 584-6021 - C2 Technology Partners, Inc.

C2 provides technology services and consultation to businesses and individuals.

T (818) 584 6021
Email: info@c2techs.net

C2 Technology Partners, Inc.
26500 Agoura Rd, Ste 102-576, Calabasas, CA 91302

Open in Google Maps
QUESTIONS? CALL: 818-584-6021
  • HOME
  • BLOG
  • SERVICES
    • Encryption
    • Backups
  • ABOUT
    • Privacy Policy
FREECONSULT
Tuesday, 29 January 2013 / Published in Woo on Tech

Facebook Graph Search – Cutting Bait for Phishers

Facebook Logo

Remember the announcement of Facebook’s new “Graph Search” feature? No? I don’t blame you. Until most folks can get their hands on it and see what it can do with data from people they know, it’s hard to envision how Facebook’s “innovation” is important. Security analysts, of course, eat and breath this stuff, and as they are trained (and expected) to do, they have extrapolated how this powerful social media search tool could be put to nefarious use. Christopher Hadnagy (Social-Engineer.org) put it succinctly:

Usually, a phisher or spammer collects a couple hundred email addresses and they’re hoping 10 percent of those who get it have an interest in what the email is about. With this tool, it gives a malicious person the ability to figure out whom to target with a particular message because they know their interests.

In case you aren’t aware how “phishing” works, the core conceit is focused on fooling the reader into clicking on links and providing confidential information to a counterfeit website. Phishing is most effective when the target gets an email that seems legitimate, e.g. using graphics and fake address from bank with which they already do business. Instead of having to rely on statistical probability, phishers can now target with ruthless efficiency any data available through Facebook’s Graph Search.

What this means for you:

If you are an avid user of Facebook with a tendency to openly share just about everything through social media, your data is already out there and viewable. If you are a casual Facebook user, but haven’t taken the time to adjust your privacy setttings, your data is already out there and viewable. Nothing has changed in that regard. However, up until now, you had a very, very thin layer of protection through the concept of “security through obscurity”. In other words, the sheer, overwhelming amount of data that is available greatly reduces your chances of being randomly identified and targeted. Think of it as wandering into the Library of Congress where the only way to find something was to know exactly what it was called and where it was located physically in the building.

Facebook’s Graph Search gives anyone the ability to search for anything in Facebook using a natural language query like, “Show me all the books on 19th century bridges built in the US with wood.” If those books are in the library and are viewable to the public, then they would be delivered in a tidy page that could be reloaded and refreshed whenever the search was needed. Here’s the key: the data is viewable only by those to whom you’ve granted permission to view. If you allow the public to see your contact information and “Likes”, that data will be viewable by not only your friends, but the internet, including the aforementioned phishers. If you haven’t reviewed the privacy and security permissions on your Facebook account, now is a good time to do so.

  • Tweet
Tagged under: cyberattack, facebook, graph search, hackers, phishers, phishing, privacy, security

What you can read next

Misleading Signs
YouTube and the Illusion of Control
Instagram Logo
Instagram can now use your content to make money
Linux targeted
Heartbleed bug has a “sequel” – Shellshock

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recent Posts

  • Social Media monetizes our need to be social

    Part of our occasional series “The Elepha...
  • Freemail accounts will be hacked

    Most of you know that I do not recommend using ...
  • LastPass Breach is bad news for everyone

    Late in the year, just in time for the holidays...
  • 2023 – Approach with Caution

    Traditionally I like my year-end messages to be...
  • Privacy sign

    Popular tax apps leaked your data to Facebook

    While it shouldn’t come as a surprise to any of...

Archives

  • GET SOCIAL
Get Tech Support Now - (818) 584-6021 - C2 Technology Partners, Inc.

© 2016 All rights reserved.

TOP