× Business BUSINESS MOTORING SHIPPING & LOGISTICS DR PESA FINANCIAL STANDARD Digital News Videos Health & Science Lifestyle Opinion Education Columnists Moi Cabinets Arts & Culture Fact Check Podcasts E-Paper Lifestyle & Entertainment Nairobian Entertainment Eve Woman Travelog TV Stations KTN Home KTN News BTV KTN Farmers TV Radio Stations Radio Maisha Spice FM Vybez Radio Enterprise VAS E-Learning Digger Classified Jobs Games Crosswords Sudoku The Standard Group Corporate Contact Us Rate Card Vacancies DCX O.M Portal Corporate Email RMS

Security expert warns of simple Facebook trick that hackers could use to steal people's identity

By Mirror | August 10th 2015

LONDON, UK: Hackers could use the Facebook search facility to steal the identities of millions of British people, an online security expert has claimed.

Reza Moaiandin, technical director at Salt Agency, claimed digi-crims could easily scan the population of an "entire country" to find targets.

Once they have identified potential victims, all cyber-thieves need to do is type their mobile number into Facebook's search box, allowing them access the person's name, picture, location and other personal information which is highly sought after in the online criminal underworld.

"The most worrying aspect of discovering this issue is that it happened entirely by mistake," Moaiandin said.

"I wasn’t even searching for flaws in Facebook’s security when I came across it.

"Unfortunately, for the 1.44 billion people currently using Facebook, this means that sophisticated hackers and black market sellers can access names and mobile phone numbers in as little as an hour through reverse engineering – at a time when an entire identity can be sold for as little as $5."

After discovering the "huge security loophole", he designed a piece of computer code to automatically scan every mobile phone number in the US, the UK and Canada to work out who could be targeted.

Then it was a simple matter to type vulnerable people's mobile phone number into Facebook's GraphQL search, locate their profile and then harvest as much information from it as possible.

He urged Facebook to close the security gap "before its too late".

Anyone concerned about identity theft should make sure Facebook's privacy settings are set up properly - or avoid letting the social network know their phone number.

A Facebook spokesman said: "The privacy of people who use Facebook is extremely important to us.

"We have industry leading proprietary network monitoring tools constantly running in order to ensure data security and have strict rules that govern how developers are able to use our APIs to build their products.

"Developers are only able to access information that people have chosen to make public.

"Everyone who uses Facebook has control of the information they share, this includes the information people include within their profile, and who can see this information.

"Our Privacy Basics tool has a series of helpful guides that explain how people can quickly and easily decide what information they share and who they share it with."

Share this story
Back to the future: Nokia prepares for mobile comeback
Nokia is hiring software experts, testing new products and seeking sales partners as it plots its return to the mobile phone and consumer tech arena it abandoned with the sale of its handset business.
Survey: Why 40 pc of workers want to quit their jobs
More than half of 18 to 25 year-olds in the workforce are considering quitting their job. And they are not the only ones.