2

I am quite active in several Facebook groups and get a handfull of friend requests from obvious fake accounts every day. Usually these profiles appear to belong to pretty young women who link to some site on their wall that I have to pay to become a member of, pretending that I can contact them once I have signed up.

But sometimes these profiles are completely inactive, there are no links to paysites on their wall and they do not reply to messages. Since these profiles do not try to lure me into spending money or downloading malware, they must be doing something that I am not aware of. I guess they try to get my contact information or friend list, but I have hidden all of that even from my friends. Yet these fake accounts do not unfriend me, but remain my friends until I unfriend them.

What is the deal here? Can a Facebook friend make use of my profile somehow or grab information, e.g. through the Graph API?

2 Answers2

4

They can take information on your page and use it for targeting you for phishing.

They can also use it to generate phishing emails to others based on info on your profile.

Andrew
  • 41
  • 1
-2

Yes. They can be potential serial killers looking for the next victim or Justin Bieber looking to promote his new song. Don't take your chances.

And on a serious note, graph API is known to have a lot of vulnerabilities. It is safe to keep people you don't know out of your profile.

hax
  • 3,951
  • 2
  • 17
  • 35