Beware of Facebook Offering Gifts

by Eduard Goodman

Q: Facebook recently announced a service, Facebook Gifts, that allows users to send Starbucks gift cards, Magnolia Bakery cupcakes, Gund teddy bears and other knickknacks for events such as birthdays, job promotions and anniversaries. (The Palo Alto, Calif., social networking giant has plans to add more types of gifts every day.) Are there any risks from a cybercrime or identity theft perspective users should be aware of?

A:The gift recipient will be required to enter their physical address upon notification that they have been given a gift. Users need to be especially cautious of fake emails claiming to be from Facebook. It’s always a gamble to provide personal data to a company storing information, and especially to a social networking site so highly scrutinized for its privacy practices. There is strong potential for malicious, spam emails to be generated – something like “You have just received a Facebook Gift, please click here to redeem.” We see instances like this all the time, and the link included usually opens up to a website exposing the user to malware.

With its offering, too, Facebook will start collecting more credit card and banking information than ever. There are a lot of unknowns, but it could be the missing piece of the profile puzzle. Facebook stores an enormous amount of information about its users, and the volume of data is growing. If the company gains personal financial information, it may know more about you than nearly any other company. That’s putting a lot of trust in one business. If Facebook ever were hit by a cyberattack and information fell into the wrong hands, it could be catastrophic for millions of people.