Your near and dear ones could be accessing your Facebook account secretly

Hacking, Cyber attack, Social Risk, Social Threat, Social Attack, Encryption, Mobile Security, DDoS, Cyber Security, Ransomware, Malware, Security, Privacy,

Your Facebook account might not be as secure and private as you believe as a new study has shown that just like hackers and online criminals, your private information on the social network could be accessed by your near and dear ones without your express permission.

Researchers in Canada carried out a survey to find out whether friends are secretly accessing their friends’ Facebook accounts and it turns out that over one in five adults are actually doing it. Researchers at University of British Columbia who carried out the survey of 1,308 U.S. adult Facebook users say that this is a wide spread practice and it highlights new risk to Facebook accounts as well as brings to the fore the inadequacy of traditional methods of securing account – PINs or Passwords.

Researchers were after the social insider threats and through the study they classified such attacks into five motivations – fun, curiosity, jealousy, animosity, and utility. They also explored dimensions associated with each type and the findings of their survey and subsequent analysis indicates that the social insider attacks are a common thing and while some of them may be limited to pure find, there are quite a few of these attacks that end up having serious emotional consequences with no simple mitigation.

Scientists point out that adversaries who are social insiders have a social relationship with the account owner and are of special concern. The proximity between the victim and a social insider makes it easier for the insider to obtain unauthorized access to the victim’s device and Facebook account.

The authors of the paper alos note that although often overlooked, social insiders attacks can have adverse effects. For instance, posting potentially embarrassing material using the victim’s account (an act sometimes referred to as ‘facejacking’ or ‘frape’ is often dismissed as a prank. However, some of these pranks have been regarded as defacement and resulted in criminal prosecution.

The findings highlight the ineffectiveness of passwords and device PINs in stopping unauthorized access by insiders, added electrical and computer engineering professor Kosta Beznosov, the paper’s other senior author.

Researchers point out in their paper that their findings suggest that attacks are common, opportunistic, and have a range of motives, including fun, curiosity, jealousy, animosity, and utility. Considering the diversity of these attacks, we believe that no single mitigation strategy would be effective.