Why You Should NEVER Put Your Phone Number On Facebook

If you're a Facebook user, you might want to think twice before your number goes on your profile.

Users are commonly encouraged to add your number to the website but if they do, anybody can find that person's name, picture and location - regardless of their privacy settings - by typing their number into the search bar. 

Underlining the security dangers, a British software engineer has even harvested thousands of data about users, simply by generating random phone numbers.

Reza Moaiandin, technical director of Salt.agency, used a coding script to generate every possible number combination in the UK, US and Canada. 

He then sent millions of numbers to Facebook's app-building program (API) in bulk. In return, he received millions of unobstructed personal profiles.

Even though Facebook has been notified of this loophole, the problem remains, leaving the site's 1.44 billion users open to hacks.

'We do not consider it a security vulnerability, but we do have controls in place to monitor and mitigate abuse,' a Facebook spokesman told Mr Moaiandin, according to his blog.

This means details of users who allow public access to their phone numbers are available to harvesters to use or sell for purposes that the user may not be happy with.

The cyber criminals’ black market has become even more profitable than the illegal drug trade, according to a report last year by the national security division of RAND Corporation.

Pictures, names, phone numbers, education history, and locations can be sold on a network of illegal trading sites, the report found.

Twitter and Facebook accounts are now more profitable than stolen credit cards, according to the report.

In an email to Daily Mail Online, Facebook defended its security settings, insisting users can adjust their privacy settings to stop people searching their information using a phone number.

In a full statement, the spokesman said: 'The privacy of people who use Facebook is extremely important to us. We have industry-leading proprietary network monitoring tools constantly running in order to ensure data security and have strict rules that govern how developers are able to use our APIs to build their products. Developers are only able to access information that people have chosen to make public.

'Everyone who uses Facebook has control of the information they share, this includes the information people include within their profile, and who can see this information. Our Privacy Basics tool has a series of helpful guides that explain how people can quickly and easily decide what information they share and who they share it with.'

There is no option on Facebook to make it so you cannot be looked up at all via your phone number.

Offering a more bleak outlook, cyber security expert Justin Cappos, professor in computer science and engineering at NYU's Polytechnic School of Engineering, says it would be surprising if Facebook took action on the matter.

Ultimately, he says, the responsibility will always lie with the user.

'I always say only share things on Facebook that you would post publicly. Imagine a jealous ex-lover going and finding your new number or companies using it for marketing purposes. It is all in the open.'

Source