Facebook Bug Could Give Spammers Names, Photos

Posted by timothy on Thursday August 12, 2010 @08:11AM from the who-am-I-again? dept.

angry tapir writes with this excerpt from an IDG report: "Facebook is scrambling to fix a bug in its website that could be misused by spammers to harvest user names and photographs. It turns out that if someone enters the e-mail address of a Facebook user along with the wrong password, Facebook returns a special 'Please re-enter your password' page, which includes the Facebook photo and full name of the person associated with the address. A spammer with an e-mail list could write a script that enters the e-mail addresses into Facebook and then logs the real names. This could help make a phishing attack more realistic."

1 of 145 comments (clear)

Min score:

Reason:

Sort:

Wow by mark72005 · 2010-08-12 08:15 · Score: 1, Redundant

Just when you thought all the obvious exploits and privacy problems had to be gone by now, they go off and amaze us again.

Get ready for another irreducibly complex tier of privacy settings, i'm sure.