We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,259 News Articles

Cyberbullies could exploit new Facebook tool

Attackers could post on other people's pages

A security vendor warned that a new Facebook feature could be exploited by cyberbullies.

According to F-Secure, the social network's new 'reply to this email to comment on this status' gives attackers a way to post messages on other people's Facebook pages.

These messages could include personal attacks that seem to come from a user but are actually written by someone who has compromised that person's email account, for instance.

The intent of the feature is to allow Facebook users to respond directly from their email when they receive notifications that include messages that have been posted to their Facebook accounts.

They can respond without having to go to the Facebook site first, eliminating a step and thereby saving time.

But eliminating that step can also leave a crack in Facebook's armor, according to F-Secure security adviser for North America Sean Sullivan.

Authenticating to the Facebook site before writing a reply drops out of the equation, so someone other than account holders can post.

"They can put words in my mouth," he says.

If a user's email account is compromised via phishing or direct hacking, spammers can respond to any Facebook notifications they come across, Sullivan says. It has posted a demonstration of how this can work here.

Facebook users can opt out of receiving the email notifications altogether by adjusting their settings.

Network World

Broadband speed test

PC security advice

See also: Facebook use jumps 600% on mobile web

See also:

IDG UK Sites

How to get a free EE Power Bar: Mobile and broadband customers eligible for free smartphone charger

IDG UK Sites

Why Netflix won't terminate your account for using a VPN, probably

IDG UK Sites

Forever 21 denies pirating Adobe, Autodesk and Corel software, accuses companies of 'bullying'

IDG UK Sites

New Apple TV 2015 release date rumours: Apple's WWDC invite shows Apple TV