WSFA 12 News Montgomery, AL |Facebook friends could threaten personal, family security
Member Center:
(NBC) - Sixteen-year-old Keegan Donahue and his sister, 15-year-old Rylee, are active Facebook users, but not without a little supervision from mom and dad.
"Part of the reason I have a Facebook page myself is so I can be friends with them and see what they're putting on there and who their friends are," said Andrea Donahue.
The NBC News Network sat down with the Donahues for a family interview, and were asked if any knew a woman named Cindy Jefferson. Andrea, Keegan and Rylee all said no.
A security check performed before the interview revealed all three accepted Jefferson as a friend the day before. Needless to say, all were shocked.
It turns out they thought the stranger could be a friend from another community they lived in years ago, so they accepted, intending to check Jefferson out more closely in the days ahead.
However, Jefferson was actually created out of thin air by two guys in a small office.
Matt Churchill and Jim O'Gorman work for Continuum Worldwide, an Ohama, NE, company hired by banks and corporations to keep hackers out of their computer systems. The good news - they can be trusted.
Churchill knows firsthand through his work about Web users who cannot betrusted.
"You have to expect that anything you put on line, anybody can see. Don't put it on line if you're not willing to have the creepy guy at the bus stop watching you," he said.
In this case, Churchill and O'Gorman are not creepy guys, but they were watching the Donahues through their fictional Facebook connection, Cindy Jefferson. They found some information that made the Donahues uncomfortable.
"[Matt] and I went through the accounts and found a number of events, family travel, speaking about going out of town, going to Dallas over [a certain] time period," says O'Gorman.
It's information that could be used by someone with bad intentions.
Ironcially, the Donahues had discussed as a family not to publish that type of information.
"We told them not to put any upcoming trips, only to comment after they get back home," said Andrea Donahue.
The security experts from Continuum Worldwide advise all Facebook users to share information about personal events after the events have taken place. Other information to keep off your Facebook page include your email address, your full name, your birthday and even the name of your pet.
"There is a criminal mindset and if you're not thinking as a criminal, you may post something that seems fairly innocuous, but it can be used by somebody else," says Churchill. "If you post it, assume it's public and if somebody is motivated enough, they're going to be able to use it against you."
On the subject of passwords, Churchill explained how an email address given out on Facebook can be used to invade a person's privacy.
He says a person with bad intentions who gains access as your friend can set up a website with malware, send the link to you and encourage you to click on the link and in the process access your computer can be gained.
"With that software, a bad guy can plant a key logger on your computer that records your every stroke and it could capture passwords," said O'Gorman.
That in turn, he says, would give them access to mail accounts and to bank accounts, to any number of sensitive items.
"You just have to be careful in what you post and accept a certain amount of risk that whatever you do post is public knowledge to everybody, even if you have your profile locked, it could leak out through one of your friends," said Churchill.
©2009 NBC. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed.
