Facebook Gifts could encourage users to expose more private information
Security experts outline potential security and privacy risks posed by Facebook's new social gifting service
IDG News Service - Facebook Gifts, the new social gifting service launched by Facebook on Thursday, might encourage users to expose information like their home addresses, birth date, clothing or shoe size that could pose security and privacy risks, according to security experts.
Facebook used to have a Gift Shop application that allowed users to send virtual gifts in the form of images, but it was discontinued in August 2010. The revamped Facebook Gifts feature is the result of Facebook's May acquisition of mobile e-commerce app Karma and allows users to send physical gifts to their friends.
"Choose a gift, attach a card and send," Facebook said Thursday in an announcement on its website. "You can post your gift to your friend's timeline or send it privately. Your friend can then unwrap a preview of the gift and it will show up on their doorstep a few days later."
Facebook has partnered with many vendors in order to offer a large selection of gifts that includes stuffed animals, cupcakes, toys, coffee mugs, Starbucks gift cards and more. The company receives a percentage of every gift purchase.
Facebook Gifts will be rolled out gradually to users starting with those in the U.S, the company said. Users will have the option to send gifts from the birthday reminder panel on their news feeds or by clicking on a gift icon in a friend's timeline. The payment can be made before or after the intended recipient has accepted the gift.
Recipients will receive a notification when someone sends them a gift and can select the item's size, color or even swap it for another item of equal or lower price. They then have to input a delivery address or select from the ones already saved under their account.
The launch of the new Facebook Gifts service is good news for Facebook investors because it will provide the company with a new revenue stream and the feature might even prove popular with users in the long run. However, some security experts are concerned about its security and privacy implications.
"The amount of private data users are sharing on social networking sites already exceeds all security precautions," said Bogdan Botezatu, a senior e-threat analyst at antivirus vendor Bitdefender, via email Friday. "Making it so much easier for the user to add a number of addresses they can receive parcels at (including probably work or school addresses) would make it even easier for real-life criminals to gather information about a potential victim."
"The new information that might be shared by users is particularly dangerous in the case of account compromise," the Bitdefender security researcher said. Home addresses combined with other information commonly shared by users on Facebook like vacation dates, pictures of houses or news about recent high-value purchases, could make it very easy for burglars to select potential victims and plan raids, he said.
- Why Projects Fail CIOs are expected to deliver more projects that transform business, and do so on time, on budget and with limited resources.
- The New Business Case for Video Conferencing: 7 Real-World Benefits Beyond Cost-Savings This whitepaper provides insight into the value of video conferencing in today's business environment, and how organizations are using visual collaboration to find...
- Gartner Magic Quadrant for Client Management Tools The client management tool market is maturing and evolving to adapt to consumerization, desktop virtualization, and an ongoing need to improve efficiency.
- Audit Ready and Asset Optimized: The Solid Promise of an Intelligent Software Asset Management Solution In this paper Frost & Sullivan examines the benefits of enterprise-grade Software Asset Management solutions, and how these solutions serve as the convergence...
- Live Webcast Best Practices: How to Improve Business Continuity with Virtualization VMware solutions include a range of business continuity capabilities to help ensure availability for applications across your virtualized environment. Learn More>>
- Live Webcast
Transforming Finance, Procurement and Supply Chain Effectiveness with Cross-Functional Analytics
Date: May 6th, 2014
Time: 1 PM EDT
Attend this Webcast to find out how Oracle's packaged analytic applications enable line-of-business managers to examine all...
- Live Webcast LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy... All Topic Center White Papers | Webcasts