Study: Many Facebook users are careless

After conducting an experiment, a team of researchers at the University of British Columbia in Canada has concluded that a fifth of all Facebook users are careless when accepting friend requests and automatically disclose their private information in the process. The researchers used 102 virtual Facebook profiles to harvest gigabytes worth of user data. To collect the data, they used "social bots" to send friend requests to more than 5,000 randomly selected users.

The researchers made their bogus Facebook profiles as attractive as possible to ensure that the unknown friend requests were accepted. For instance, they created fake accounts of good-looking men and women whose profile pictures were obtained from the hotornot.com rating site. The bots even generated status updates to make the profiles look more authentic. To prevent the Facebook Immune System (FIS) from kicking in, each bot only sent 25 requests per day. Nevertheless, twenty of the fake profiles were revealed as fakes eight weeks into the experiment.

When a user accepted a friend request, the bot was given access to the user's data – depending on the privacy settings – and harvested this data for the experiment. The researchers sent requests to 2,391 male and 2,662 female Facebook users. A total of 976 users accepted the request – about a fifth.

For this experiment, Facebook was chosen as representative of all social networks. The researchers' aim was to demonstrate that large networks are not immune against infiltration. Their conclusion: the security systems of such networks must be reconsidered and improved, and users themselves should think about what data they disclose to social networks and whose friend requests they accept.

(djwm)