Facebook users accept friend requests from anyone

NAIVE PEOPLE DATABASE Facebook users are ripe for attack, according to a research paper, and eight out of 10 of them are happy to accept friend requests from anyone, including bots.

The paper is due to be published and discussed properly next month at the Annual Computer Security Applications Conference 2011, but a brief abstract is available.

Authored by four computer security researchers at the University of British Columbia, the paper says that online social networks are incredibly powerful and if used by the wrong hands can be exploited.

The researchers said that they can be used to run "astroturf campaigns to spread misinformation and propaganda" by taking over a social network on a large scale. The warning is perhaps well timed, as Anonymous is preparing its own Facebook virus for use, while the social network was hit by a flood of nasty spam earlier this week.

The paper evaluates how easy it is to infiltrate social networks using "socialbots" that control real accounts but only mimic real users. Setting up accounts like this is easy, but how do you spread them? Well, you rely on real users according to the research.

"We operated [a] Socialbot Network on Facebook - a 750 million user [Open Social Network] - for about [eight] weeks. We collected data related to users' behavior in response to a large-scale infiltration where socialbots were used to connect to a large number of Facebook users," they write.

"Our results show that [social networks], such as Facebook, can be infiltrated with a success rate of up to 80 per cent, depending on users' privacy settings, a successful infiltration can result in privacy breaches where even more users' data are exposed when compared to a purely public access."

Worryingly, they also found that social networking security defenses such as Facebook's immune system are "not effective enough in detecting or stopping a large-scale infiltration as it occurs". µ