Facebook Application Stealing Idendity to Spam

Earlier this month, the BBC technology television show, Click, reported that their developer was legitimately able to use a 3rd party Facebook application to retrieve private information from Facebook users who have specifically asked to keep this type of data private. Now, 3rd party applications on Facebook are beginning to steal user identities for the sake of spamming.

Today, I noticed one of my Facebook friend, Michelle (her name has been changed to protect her identity), left a comment on my wall. The comment included a link to some shaddy website offering “legal bud”. Shortly after, I noticed many of my common friends with Michelle also received the same comment on their walls. It turned out that a 3rd party Facebook application that Michelle had installed auto-spammed all of her friends. In fact, the rogue application even took over her status and states that she has “found some potent legal bud”.

First, Facebook allowed 3rd party applications to retrieve their user’s private information. Now, they have allowed a rogue 3rd party application provider to take over commenting and status of their users. What’s next? Will Facebook user data get sold to anyone willing to pay for it? I can accept advertising based on the info I provide in my profile, but taking over commenting and user status is pushing behavioral targeting to a rogue level.

It looks like Facebook is allowing 3rd party applications to pretty much do whatever they want. How will Facebook move forward to address these privacy concerns and better protect their users? Does it mean moving all 3rd party applications in-house so that they run on Facebook servers rather than off-site? That is exactly how MySpace keeps tabs on their applications. Facebook can definitely learn from MySpace in this particular instance and implement immediate changes that will better protect their users.

If Facebook privacy issues continue to surface at they have recently, I will not be the only one requesting for a cancellation of my account. Anyone else got auto wall spam’ed yet?

Ian Lee
Work from home dad, marketer and photographer. Fallen in love with basketball all over again as I coach my daughter's team.

7 thoughts on “Facebook Application Stealing Idendity to Spam”

  1. Facebook really needs to get a handle of these applications. I thought they were annoying from the beginning anyways.

  2. It seems that everything has its problems. Facebook has never really been that interesting to me. But, spamming and phishing happens on other sites too. Myspace, YouTube, Hi5…you can’t really get away from that stuff. You just have to be smart and don’t be afraid to report something. I know that Michelle is your friend. But, when a friend of mine gets phished and I get a spam from him or her, I normally let them know about it.

  3. It is not surprising to know this for a lot of sites related to Facebook are doing the same, too. Who knows that those sites you don’t expect to do spams are exactly doing it? I haven’t signed up for Facebook yet. I’m not planning to anyway. XD

  4. I have noticed a number of these applications being used for spam purposes, and I completely agree that Facebook should be using their own servers to moderate what goes on in these applications.


Leave a Comment