Security analysts urge not to put phone numbers on Facebook profiles

Facebook Inc. (NASDAQ:FB) shoots down privacy concern. So, it is better for users not to list phone numbers on their personal Facebook profiles. By just keying in the number in the Facebook search bar, anybody can obtain the personal details and geographical location. Facebook’s privacy settings will not stop this, and the details can fall into the wrong hands – for instance, cyber criminals.

Technical Director of Salt Agency, Reza Moaiandin harnessed a coding script to produce all possible number combinations in the US, Canada, and Britain. Next he sent the numbers to Facebook’s app building program (API). As a result, he received unrestricted access to millions of personal profiles.

Moaiandin opined that leveraging this security loophole, a person with the requisite knowledge can collect the non-private details of the Facebook users who permit community to their telephone or mobile numbers. As a result, user details may be used or sold for things that the user may not be agreeable to or be happy with.

In spite of intimating Facebook in April and requesting APIs to be pre-encrypted the security loophole still exists leaving the social networking site’s 1.44 billion users vulnerable.

As per a report in 2014, a US based non-benefit global arrangement think tank reveals that photos, telephone numbers, education details, names and geographical locations are sold in the market for profit.

The 2014’s RAND (Research And Development) Corporation report said that Facebook accounts give more returns than burgled credit cards. It added that the cyber criminal black market fetched more money than the illegal drug trade by virtue of trading private information gleaned from social networking websites.

The chief executive of privilege management firm Lieberman Software, Philip Lieberman said that several advanced spear phishing attacks use public data available on social networks such as Facebook.

He also added that the best way for users to safeguard themselves is to not publish any item that they don’t wish utilized to attack them. Hence users should keep their personal phone numbers private and not make them public.