There are more than one billion users of Facebook worldwide. Most of those individuals that have a profile of some sort on Facebook really don’t pay attention to just how much information they put on their profile for anyone to see. Names, cities, old schools, friends, relatives, and dates of birth are all there for the world, or an amateur hacker to see. Recently, internet security experts from Rutgers University discovered a major flaw in the Facebook security with those who are using Hotmail addresses.

This is how it works: Hotmail, the Microsoft email provider retires email accounts that have not been used for more than two hundred and seventy days. These ‘retired’ email addresses can now be reassigned to new users. Rank amateur hackers can send a bulk load of emails to a range of Hotmail addresses. If the email they sent returns to them with an error message reading “Mailbox unavailable” it means they’ve located a retired Hotmail account.

The hacker then creates another Hotmail account and requests the exact email that has been retired. They then log onto the users Facebook account using that email address and click on the forgotten password link. The FB servers send a reset request to the email address on file and voila the amateur hacker has gained access to information about you, your family and your friends. You may ask yourself why someone would do this. It’s simple, they pose as you online and send messages to your contacts as if they were from you.

An old scam that has been used is posing as you in a situation where you are stuck at a foreign airport without identification and need money to get back home. There are other more current scams, but the last thing you want is people you know being scammed in your name. The study at Rutgers successfully hacked 15 Facebook accounts before stopping due to the risk of exposing them to lawsuits. This loophole will be presents at the Internet conference being held in Rio de Janeiro, Brazil.

You can follow any responses to this entry through the RSS 2.0 feed.