Monday, September 08, 2008

I found a Facebook security hole... sort of

I think I just stumbled upon a fairly big security hole in Facebook.

The other day I mysteriously started receiving these really bizarre text messages on my phone along the lines of the following:

Facebook msg from Jimmy-Joe Bobkins
(Espanola High School)
Subj: hey

"yo homeslice
tried calling you
maybe your out with the boy :D"

"Weird," I thought. I chalked it up to some dude in Mexico trying to send out mass txt messages to see who would reply so he could scam them. I ignored it.

The next day the messages continued with content like:
"sooo anyways preetty bored , wondering what you were up to, anywayss call
me, lover"
"Umm not that i no of"
"Umm perhaps"
"Haha no"

Clearly there was some sort of conversation going on there that I was not a part of... but somehow was landing on my phone. What the heck was going on?

I looked up Espanola High School and lo and behold, it wasn't in Mexico at all but rather in a nearby little town. Why would a mass txt message spammer/phisher be based out of Espanola?

Then it hit me: I moved recently and had signed up for a new phone number. I must be getting these Facebook messages from whoever had this phone number before me!

Then I realized that if somebody got MY old cell phone number, they would be receiving MY Facebook messages!

I quickly logged onto Facebook and changed my profile to update my cell phone number for forwarding txt messages. That should stop somebody else from getting my txt messages. I think it will also stop me from getting these mystery text messages, because I could no longer get the second half of messages when I replied with 'n' to get the remainder of truncated messages.

So, if you use Facebook and you change cell numbers, look out, somebody might be reading your mail!

