Are Facebook Applications Safe?

June 16, 2010

As you know, Facebook is a very popular website. We use it and many of our clients use it. We have talked about security issues on Facebook before. We recently told you how to block Facebook applications from writing status updates on your wall. In this article, we want to talk more about Facebook applications. We are going to tell you some things about Facebook apps that we think will surprise you.

Most people think that any application on Facebook has either been created by Facebook, or at least reviewed or checked by Facebook. However, this is not true. Anybody can create a Facebook application. This is dangerous for two reasons. First, and most obvious, someone could create a Facebook application that has malicious intent. A malicious program might try to infect your computer, steal personal information, or steal your account id’s and passwords.

The second risk is that even if someone with good intentions creates a cool Facebook application, if they don’t do a good job of securing that application, the application could be hacked so that it becomes malicious. You don’t know how skilled the person who created the application was. Did they know what they were doing?

Even applications that have passed Facebook’s verification program can be vulnerable to being hacked. In fact, late last year, a study was done. They looked for a particular vulnerability in Facebook apps. They found that six of the top ten applications on Facebook had the vulnerability. Those applications were FarmVille, Causes, LivingSocial, Movies, Farm Town, and YoVille. This particular vulnerability has been fixed in these applications, but there are probably others.

This all begs the question: Should you use any Facebook apps?

The answer is, sure. But as with anything, there is a level of risk. This level of risk demands a level of caution. So here are some guidelines to follow when using Facebook.

  1. Make sure you have good security software on  your computer that is not expired and is up to date. Security software should include web filtering and ad blocking.

  2. Before you allow an application access to your profile, check out the reviews of that application. You can do that by going to the applications Facebook page and click on the Reviews tab.

  3. Don’t put too much identifying information on your Facebook page. You can put the month and day of your birthday, but don’t put the year. Don’t put your phone number, address, age, or anything like that on Facebook. And you obviously wouldn’t ever want to put your social security number, account numbers, or anything like that anywhere in Facebook or any other online service.

  4. Check out the privacy settings on Facebook. Consider them carefully and set them in a way that protects you and your Facebook friends. To do that, in the upper right corner of your Facebook page, click on Account and then Privacy Settings. Make most of your info only viewable by friends, not everyone. Make identifying information like phone number only viewable by you. While in the privacy settings, click on edit settings under “Applications and Websites” and check out those settings as well.

  5. Don’t post on Facebook when you are away from home. When you get back from your vacation, post it then. Although you may consider everyone on your friends list a friend, accounts can be hijacked. In addition, a friend may leave their Facebook page up while they are gone and someone else might use it.

  6. Before accepting a friend request, make sure you know them and you are sure it’s who you think it is.

Leave a Reply

You must be logged in to post a comment.