We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
 
74,943 News Articles

How much is your Facebook profile worth?

How third parties turn your data into cash

The personal information that you willingly (or unwittingly) give to Facebook can be invaluable to its partners, who slice and dice the data to rake in hundreds. We find out just who's looking at and earning from your personal information.

Hackers and worms

Right now it's hard to know the worth of user data shared through Facebook's Instant Personalisation since the program is so new, but in the wrong hands such information could represent a large chunk of change.

A May article on TechCrunch reported a proof-of-concept exploit on Yelp that took advantage of cross-site scripting to grab Facebook addresses and other information. The exploit's author was a security consultant looking to prove a point. Yelp, which declined to be interviewed for this story, patched the vulnerability. No user data was stolen.

But other, genuine security threats are thriving on Facebook. The Koobface worm has been lurking on Facebook since 2008, growing more sophisticated with its ability to create an account, friend strangers, and join groups.

And hundreds of thousands of Facebook users have encountered a clickjacking worm that duped them into 'liking' pages that led to the installation of malware for perpetuating the worm's spread.

"The biggest danger that I can see is that they get your log-in credentials," says Beth Jones, senior threat researcher at Sophos Labs.

The intruders can gain access to information such as mobile phone numbers, partial credit card numbers, and billing addresses stored in the Payments section of Facebook's account settings.

"That's where some of the true value of stealing these log-in details comes in," says Jones. "[Attackers] can start pulling off some really decent identity theft."

Identity theft can also occur when a snoop looks through Facebook profile data that privacy settings haven't locked down. "Unfortunately a lot of password-reset questions are answered in your profile," says the Electronic Frontier Foundation's Opsahl.

So how much is your Facebook identity worth?

Researchers at VeriSign's iDefense recently reported that a hacker named Kirllos claimed he had 1.5 million Facebook accounts for sale for a price of $20 to $45 per 1000 accounts, depending on the number of contacts. According to a New York Times story, Facebook said that its own investigation did not find the claim credible. Facebook did not answer an interview request for this article.

NEXT PAGE: Marketers and advertisers

  1. Introduction
  2. Facebook's instant personalisation partners
  3. Application developers
  4. Hackers and worms
  5. Marketers and advertisers


IDG UK Sites

iPhone 5s review: why the iPhone 5s is still the best phone you can buy in 2014

IDG UK Sites

PCs vs consoles: PCs still pwn when it comes to gaming (and everything else)

IDG UK Sites

Come together to learn: the secrets of the best design talks, conferences and courses