10:46 AM
Connect Directly
Repost This

Most Social Network Users Post Private Data

More than half of social network users post private information online, exposing themselves to malware and identity theft, study finds.

Caught up, perhaps, in the joy of reuniting with old friends and keeping up with new ones, Americans are putting themselves at risk by sharing too much personal information on social networking sites, a new study by Consumer Reports found.

Two-thirds of online households in the United States use Facebook or MySpace -- almost double the number in 2009, the magazine reported in the "State of the Net" report published in the June 2010 issue. In the study of 2,000 online households, 40% posted their full date of birth, potentially opening the door to identity theft.

About one-quarter of Facebook users with children posted their kids' names and pictures, which could expose them to predators, the magazine said. Seven percent of those polled include their home address. This, coupled with users' frequent postings of vacation or travel plans, create an open invitation to non-virtual thieves.

"Many people use social networking sites to share personal information and photos with their friends quickly and easily," said Jeff Fox, technology editor for Consumer Reports, in a statement. "However there are serious risks involved, which can be lessened by using privacy controls offered by the sites."

Almost one-tenth of respondents had experienced problems such as malware, identity theft, harassment or scams as a result of their participation in a social network, the study found.

Cybercrime cost U.S. consumers $4.5 billion over the last two years, Consumer Reports said. By comparison, cybercrime from data theft and security breaches cost businesses about $1 trillion worldwide, a 2009 McAfee study found.

Social networking sites typically offer varying degrees of privacy, yet 25% of Facebook households either did not know of them or chose not to use them, according to Consumer Reports. The site last updated its privacy settings on April 22. Facebook's recently unveiled plans to use "social plug-ins" to extend its reach could create even more confusion among end-users.

Earlier this year, Facebook began sharing some personal information about account-holders with Yelp, a business review service; Pandora, a music service site and Docs.com, a Microsoft site for spreadsheets and word processing. Some government officials, such as Sen. Chuck Schumer, D.-N.Y. and Sen. Mark Begich, D.-Alaska, are urging Facebook to adopt simpler privacy policies.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
Published: 2014-04-16
The init script in kbd, possibly 1.14.1 and earlier, allows local users to overwrite arbitrary files via a symlink attack on /dev/shm/defkeymap.map.

Published: 2014-04-16
SUSE Lifecycle Management Server before 1.1 uses world readable postgres credentials, which allows local users to obtain sensitive information via unspecified vectors.

Published: 2014-04-16
kiwi before 4.98.08, as used in SUSE Studio Onsite 1.2 before 1.2.1 and SUSE Studio Extension for System z 1.2 before 1.2.1, allows attackers to execute arbitrary commands via shell metacharacters in the path of an overlay file, related to chown.

Published: 2014-04-16
The bzexe command in bzip2 1.0.5 and earlier generates compressed executables that do not properly handle temporary files during extraction, which allows local users to execute arbitrary code by precreating a temporary directory.

Published: 2014-04-16
kiwi before 4.85.1, as used in SUSE Studio Onsite 1.2 before 1.2.1 and SUSE Studio Extension for System z 1.2 before 1.2.1, allows attackers to execute arbitrary commands as demonstrated by "double quotes in kiwi_oemtitle of .profile."

Best of the Web