Facebook pushing you to better protect your account – here is why

RapidVPN/ June 6, 2019/ Blog/

Everything online is hackable. If your sensitive data are on a computer connected to the internet, they are vulnerable. Whether someone will be hacked depends on defensive technologies, user awareness, the need and skill of the hacker and the desirability of the data. For example, it is different if an attacker just wants credit-card details or looking for specific data from a specific place. As social beings, we are programmed to be socially active. In this age of digitization, we found a way to be and stay connected to each other on the internet through social networking platforms and apps. We give our trust to this kind of internet-based companies and share our personal information that companies are asking from us. Does a specific site protect our personal information well enough for the benefits provided by that site?  As far as the safety of our data is concerned we have a feeling that big companies do better than smaller ones, that we are well protected. The truth is that many companies are sharing our personal data without our knowledge or consent and that we know little about their security practices. We don’t have a clue what sorts of security measures Facebook uses to protect our posts, conversations, or to protect our privacy.

We are all aware that hacks, data breaches, and other forms of cybercrime are accelerating and that using only a password to protect our data is no longer enough. As an extra level of security, there is two-factor authentication (2FA), a feature that asks for something else in addition to your password, typically six-digit code, and a lot of us are using it. If your password is stolen, the chances of someone else having your second-factor information, and thus access to your account, is highly unlikely.

Facebook is the largest social networking site in the world and one of the internet-based companies that offer 2FA, and not only that it offers but it strongly recommends it. You are asked to add your phone number solely for the purpose of 2FA. But recently, something disturbing happened (again) that not many Facebook users might be aware of.  It seems that Facebook has an underlying motive for pushing you to better protect your account.

A year ago Facebook stopped allowing people to search for profiles by phone numbers, but guess what, it happens again – people can search for your phone number on Facebook and associate that to your name and other information. Facebook asked you to give your phone number to help keep your account safe from potential hackers. But, again, people can find your profile from that phone number you give to Facebook and they can track you down by default. Anyone with your phone number can search for you. Default means that there’s no way to disable that and there is nothing you can do to prevent Facebook from using your phone number in several shady ways. All you can do is can change your preferences to “friends” or “friends of friends”.

There is more. You associate your phone number with your Facebook account for the purpose of 2FA but if your number is on the contact list of someone that has allowed the Facebook app access to his or her phone’s contacts list, Facebook will suggest to both users to connect. This is the way that the company is using the phone number data for the intention of a search when it was provided by users for security purposes. That phone number that was being used for 2FA was also being provided to advertisers for targeted posts and advertisers also linking your Facebook, Instagram, and WhatsApp profiles through your phone number. Facebook 2FA numbers are shared with Instagram, WhatsApp shares phone numbers with Facebook, Facebook shares phone numbers with advertisers. Once you add your number to FB, Instagram prompts you “is this your phone number?” There are rumors that Mark Zuckerberg wants to merge Messenger, WhatsApp, and Instagram services. Facebook’s former chief information security officer, Alex Stamos, said in a tweet that “FB can’t credibly require 2FA for high-risk accounts without segmenting that from search & ads.”

And, there is another problem. Using your phone number for two-factor authentication is open to hacks. 2FA is an important feature that protects accounts from takeovers, but connecting users’ phone numbers with targeted advertising and searches put security and privacy at risk. This kind of risk is driving people away from a useful security tool. When you try logging in, hackers can intercept text messages containing your PIN code through methods like SIM hijacking. Instead of using your phone number, it is better to use an authenticator app for 2FA on the social network. Facebook is allowing authenticator apps so you don’t need to use your phone number anymore. When you start to use the authenticator app, don’t forget to remove your phone number from Facebook.

Facebook takes advantage of our privacy, desire to be secure online and our trust. Is pushing to better protect our account in the form of care for the protection of our data and us as users of the popular giant, actually hides a completely different intention? Our information, unwillingly, came into the hands of advertising companies. Do we have to believe that it happened accidentally due to a reckless security breach? Highly unlikely. Facebook pushes us to better protect our account so that it can use our data for the purpose of earning. Everything ultimately comes down to money. They sold us a story to serve us as a product because, in today’s world of technology, people are a product that is valued on the market. Well, hackers know this very well. Why are they doing it? Obviously, because they can and we seem to have become the victims of Facebook phishing.