Driving home from visiting my grandmother, I encountered an advertisement on 96.3 WROV for a website called FriendsWhoLikeDonaldTrump.com. This is how the Ted Cruz campaign is harvesting data including name, birth date, location, and every page one has “liked” on Facebook. Obviously, the unwritten law of The Internet is “click at your own peril,” but there’s a twist.
It automatically harvests names, birth dates, locations, and “likes” of all your “friends,” and the average Facebook user has 340 friends. This is a major breach of security perpetrated by Ted Cruz against people who love Trump AND people who hate Trump. It’s kind of a big deal. It’s crowdsourced identity theft, using Trump minions and anti-Trump minions to collect information on the entire Facebook community without our consent.
First, this shows that the Ted Cruz campaign is using the Trump phenomenon against the voting population, trying to get a handle on what the voters want, by any means, in the hope of beating him at his own shameless pandering. Second, it shows that Ted Cruz and his financiers are not above identity theft in their attempt to capture the White House. Third, it shows that the wrong Facebook friend can be a serious vulnerability.
If one of your many Facebook friends provides login information to the Ted Cruz campaign, your name, birth date, location, and “likes” are vulnerable. How well do you know your Facebook friends? How many of their accounts have been hacked because they chose weak passwords? Do you see where I’m going with this? Visible data harvested from friends is valuable phishing tackle. What if hackers decide to sell the data they access rather than create posts that obviously did not originate from the account owner? It makes SpearPhishing a whole lot easier.
How do we combat this menace? My apologies to my Facebook friends who will be working overtime to make the service more secure. It’s a complicated problem. How do we make it more difficult to hack individual Facebook accounts? How do we help Facebook users determine whether or not it is safe to enter login information? How do we balance security with access and simultaneously maintain the unparalleled quality of the Facebook experience?