Beware: The socialbots are coming. These fake profiles mimic real people on Facebook but are actually computer programs that try to harvest private data from users, and expose them to othersecurity risks.
University of British Columbia researchers created a social network of a single botmaster and 102 socialbots, and then let it loose on Facebook for eight weeks. The results were a little scary.
During the eight-week period, the socialbots were able to send out 8,570 friend requests on Facebook, of which 3,055 were accepted. However, the “extended neighborhood” — friends of friends — numbered approximately 1,085,785. The socialbots averaged around 20 friends, with some ensnaring as many as 80 or 90.
The socialbots had far more success getting friend requests accepted from friends of Facebook users who had already accepted its initial friend requests, due largely to common friends being included in friend requests on the social network. On first pass, only 20 percent of friend requests were accepted, but once the bogus accounts were passed off as friends of friends, that number jumped to 60 percent.
By accessing the profiles of friends with less stringent security settings, the socialbots were able to average 175 pieces of data from publicly inaccessible profiles per day, and ended up with a total of roughly 250 gigabytes of data (all of which was encrypted during the study and deleted after its conclusion).
The Facebook Immune System was only able to block 20 percent of the bogus accounts used by the socialbots. And the reason why those 20 were blocked: Some alert Facebook users flagged them as spam.
Those bogus profiles were created to be “socially attractive.” The researchers actually used photos lifted from sites like Hot or Not , where users rate the attractiveness of the subject, believing that better-looking subjects bring better results. MORE
A Facebook spokesperson on how the social network combats bots: