Thursday, September 29th, 2011

Facebook’s planned changes from this year’s f8 Developer Conference may risk flooding the site with Twitter-style spambots and an increase in targeted attacks on its users, according to BitDefender, an award winning provider of innovative internet security solutions.

After updating Privacy Controls and silently pushing Smart Lists, the f8 Developer Conference pushed usability and privacy to a new level: Subscribers, News Ticker and Wall facelifts, as well as the star of the conference, Timeline and the new Open Graph. While these new features will drive more interaction and sharing between Facebook users, BitDefender believes that the number of privacy and security breach incidents will also increase as a result.

Catalin Cosoi, head of BitDefender’s online threats lab, shares five key concerns:

1. Smart Lists will prompt users to share more information publicly, but will also have the adverse effect of supplying ammunition for targeted attacks.

Smart Lists encourages people to complete their profile with details of their career, work projects, where they went to school or which city they live in. Every time someone creates a list with colleagues from a specific job, this is tagged in their profile. Of course, this is generally not confidential information, and the user has the final decision on whether to approve or reject the tag. But having this information public and indexable will make it much easier to create sophisticated, targeted attacks. Attackers will be able to find out exactly who is working for a specific company at any given time, their job and, more importantly, what project(s) they are working on. The additional information available to a hacker may lead to an increase in socially engineered attacks on businesses, where hackers attempt to gain access to a company’s network or confidential information by targeting its employees as the point of entry.

2. Subscribe feature could increase the number of spambots, just like on Twitter.

The recently introduced subscribe feature lets Facebook users follow people of interest, much like Twitter. It also allows your updates to be followed by others, even if they are not friends with you on Facebook. But with the introduction of Twitter-like features, BitDefender believes that Facebook users may see an increase in the number of Twitter-like threats and annoyances, too. These include spambots and fake schemes that try to lure users in with promises of obtaining more subscribers to their profile page.

3. Everything you have ever shared on Facebook is now available and easy to browse.

Facebook’s new Timeline is a revolution of usability, but it's also the open story of your life to date on the social network. If the default settings are not changed, to restrict who can see your wall, the content will, by default, be available for anyone to see. Friends, photos, places you have checked in, relationships and much more. It’s important for Facebook users to be aware of this privacy setting when using Timeline, and adjust this accordingly in order to protect their profile information.

4. Health is now social... and public.

The Facebook timeline considers health information social. While it will be easy to share health-related updates such as breaking a bone, undergoing surgery or overcoming an illness, this information is also set to public by default. While seemingly innocuous, information about health that is shared publicly may risk being exploited for identity theft or social engineering attacks.

5. Widgets… the open door to interactive scams.

With Timeline, Facebook also introduced widgets that live on users’ profile pages, which takes social interaction to a whole new level. Until now, anyone who had an application installed could only interact with other users within the app. Now, the app is on the user’s wall, so anyone who interacts with the user profile can also interact with the app. This isn’t a concern for legitimate apps, but the ease with which they can be accessed may lead to fake or scam apps spreading quickly through the social network.

“With the new Facebook features and changes, users need to be more vigilant than ever before when it comes to knowing what personal information they are sharing and with whom,” Catalin Cosoi said. “The main concern is that users are opted-in by default to share updates, which increases the risk of accidentally sharing a page, an event or an activity that they did not intend for others to see. As such, we recommend Facebook users to conduct a careful audit of the personal information they are sharing, once these new changes take into effect.”

All product and company names mentioned herein are for identification purposes only and are the property of, and may be trademarks of, their respective owners.

Contact Profile


Bitdefender is the creator of one of the world's fastest and most effective lines of internationally certified internet security software. Since 2001, the company has been an industry pioneer, introducing and developing award-winning protection. Today, Bitdefender technology secures the digital experience of 400 million home and corporate users across the globe.

Recently, the company has won a range of key independent recommendations in the US, UK and across Europe, including ConsumerSearch, Which?, Stiftung Warentest and Taenk. Bitdefender antivirus technology has also finished top in leading industry tests from both AV Test and AV-Comparatives. More information about Bitdefender and its products is available from the company's security solutions press room. Additionally, Bitdefender publishes Malware City providing the latest updates on security threats and helping users stay informed in the everyday battle against malware.
Anna Barnes
P: 02 8281 3802


Bitdefender, Facebook, security, f8



More Formats

View QR Code