Friend’s May Hack Our Facebook Account, Researchers Say

Friend's May Hack Our Facebook Account, Researchers Say

Most people are concerned about the prospect of their social media accounts being hacked, but a new study finds that it’s actually people we know who frequently access our accounts without our permission.

In a survey of 1,308 U.S. adult Facebook users, University of British Columbia researchers found that 24 per cent – or more than one in five – had snooped on the Facebook accounts of their friends, romantic partners or family members, using the victims’ own computers or cellphones.

“It’s clearly a widespread practice. Facebook private messages, pictures or videos are easy targets when the account owner is already logged on and has left their computer or mobile open for viewing,” said Wali Ahmed Usmani, study author and computer science master’s student.

People admitted to spying on their friends, family, and romantic partners out of simple curiosity or fun—for example, setting a victim’s status or profile picture to something humorous. But other motives were darker, such as jealousy or animosity.

“Jealous snoops generally plan their action and focus on personal messages, accessing the account for 15 minutes or longer,” said computer science professor Ivan Beschastnikh, a senior author on the paper.

“And the consequences are significant: in many cases, snooping effectively ended the relationship.”

The findings highlight the ineffectiveness of passwords and device PINs in stopping unauthorized access by insiders, added electrical and computer engineering professor Kosta Beznosov, the paper’s other senior author.

“There’s no single best defense—though a combination of changing passwords regularly, logging out of your account and other security practices can definitely help,” said Beznosov.

“Characterizing social insider attacks on Facebook” was funded by the Office of the Privacy Commissioner of Canada and prepared in collaboration with researchers at the University of Lisbon. It will be presented in May at the Association for Computing Machinery’s Conference on Human Factors in Computing Systems (CHI 2017).

Online Editors

Advertisment



  • Almost all The British Journal staff, including reporters, can be contacted by e-mail. In most cases the e-mail address follows this formula: first initial + last name + @thebritishjournal.com. For example, Laura F. Nixon is [email protected]

    Leave a Reply

    Your email address will not be published. Required fields are marked *