Study: Facebook Users Happily Give Up Vital Details

Millions of members of the social-networking site Facebook are allowing strangers access to their personal information, making them vulnerable to identity theft on the Internet.

Researchers found that two in five Facebook users happily divulged details such as their dates of birth, phone numbers and workplaces to people whom they had never met.

Fraud experts say that the willingness of the younger generation to disclose personal data over the Internet is a worrying trend and gives cybercriminals the information they would need to create spoof identities, gain access to online accounts or infiltrate employers' computer networks.

• Click here to visit's Cybersecurity Center.

• Click here for's Personal Technology Center.

Facebook has enjoyed phenomenal success. Founded three and a half years ago, the site now has more than 30 million active members worldwide.

Sophos, a leading IT security company, created a fake Facebook profile and sent out befriending requests to individuals chosen at random.

More than 40 per cent of users responded, allowing "Freddi Staur" (an anagram of "ID Fraudster"), whose photo showed a small green frog, to view their profiles and a selection of personal details.

Graham Cluley, senior technology consultant at Sophos, said: "In the majority of cases, Freddi was able to gain access to respondents' photos of family and friends, information about likes/dislikes, hobbies, employer details and other personal facts.

"Many users also disclosed the names of their spouses or partners, several included their resumes, while one user even divulged his mother's maiden name — information often requested by Web sites in order to retrieve account details. He [the fictional user] now has enough information to create phishing e-mails or malware [malicious software] targeted at individual users or businesses, to guess users' passwords, and impersonate or even stalk them."

While Facebook does allow users to restrict friends' access to their information, many members do not bother to invoke the safety measures.

Alastair, a 24-year-old financial-services worker who has been on Facebook since the beginning of the year, said: "Some people really will just accept anyone as a friend. It would take someone about five minutes to ruin your life if they put their mind to it."

Figures released recently by Cifas, the British fraud prevention service, show that a record number of frauds were committed in the first six months of 2007, including an estimated 40,000 identity thefts. Cifas called the numbers worryingly high and put the cost of ID fraud in Britain at about $3 billion a year.

Facebook suffered further embarrassment Monday after it was disclosed that parts of its source code had leaked on to the Internet. The site acknowledged that part of the code to its home page had been published on a blog, but emphasized that none of the personal details of its 52 million users (many of them dormant) had been compromised.