Facebook allows anyone to look up people’s profiles using phone numbers

Facebook allows anyone to look up people’s profiles using phone numbers

Facebook allows anyone to look up people's profiles using phone numbers

Facebook allows its users across the globe to use their phone numbers to secure their accounts with two-factor authentication. This allows users to recover their passwords, receive notifications via SMS and prevent fraudsters from hacking into their Facebook accounts.

However, Facebook is using its users’ phone numbers for much more than merely securing their accounts. In September last year, Gizmodo revealed that Facebook gave advertisers unprecedented access to users’ phone numbers so that advertisers could carry out targeted advertising based on people’s profession, likes, dislikes and their online activities.

Recently, Jeremy Burge, Chief Emoji Officer at Emojipedia, noted that Facebook is also using people’s phone numbers to allow users to find people on Facebook by typing in phone numbers. This feature is marked as “everyone” by default which means that unless a Facebook user changes who can search his/her profile on Facebook using a phone number, anyone on Facebook can look up his/her profile on Facebook.

In Facebook settings, if one checks the field “Who can look you up using the phone number you provided?”, the options available are “Everyone, Friends of friends, or Friends” which means you cannot stop your Facebook friends from looking up your profile using your phone number.

Like it or not, Facebook already knows your phone number

Burge added that even if Facebook users do not provide their phone numbers to the social media giant to activate two-factor authentication, there’s a chance that Facebook already has their phone numbers thanks to an integration with WhatsApp, Facebook Messenger, and Instagram.

“*Not* giving your phone number to FB is a borderline pointless: they have it anyway. If any of your friends accepts to Messenger or WhatsApp accessing their contacts, Facebook knows your number, no matter what you do. When opening Facebook Messenger for the first time, the default action to create a new account is no longer email or username; it’s phone number. The holy grail. The unique ID,” he said.

He added that days after providing his phone number to Facebook, he got a notification from Instagram that displayed his phone number and asked him to add it to his Instagram account to receive relevant ads, receive SMS notifications, and find friends.

Burge recommends that if you want to secure your Facebook account with two-factor authentication, then instead of providing Facebook with your phone number (which will be shared with advertisers, with WhatsApp and Instagram, and allow other people to find your profile), you should use app-based 2FA and everytime you will log into your Facebook account, the third-party app will generate a unique token number.

“Yep. I can no longer keep private the phone number that I PROVIDED ONLY FOR SECURITY to Facebook. ZERO notification of this major, risky change. For years I urged dissidents at risk to use 2FA on Facebook. They were afraid of this. @Facebook doesn’t care about their safety,” wrote Zeynep Tufekci, a reporter at The New York Times.

“Based on assurances by Facebook that 2FA numbers were 2FA only, we told people—AT REAL RISK—to use 2FA even when it was just via phone number. It sucked, but getting hacked is more dangerous. Hard for dissidents to avoid Facebook. Now sold out to improve ad-targeting a tiny bit.

“Phone number is such a private, important security link. But Facebook will even let you be targeted for ads through phone numbers INCLUDING THOSE PROVIDED *ONLY* FOR SECOND FACTOR AUTHENTICATION. Messing with 2FA is the anti-vaccination misinformation of security. Unconscionable,” she added.

ALSO READ: Facebook denies it asked banks to share customers’ financial information

Copyright Lyonsdown Limited 2021

Top Articles

RockYou2021 data leak: 8.4 billion passwords compromised

A report shows that 100GB of data which includes 8.4 billion passwords have been recently leaked on the internet, people are being encouraged to secure their accounts.

Hackers Breach Electronic Arts & Steal Game Code

Electronic Arts, one of the world's biggest video game publishers including games such as FIFA, Madden, Sims and Medal of Honor, are the latest company to be hacked.

JBS Foods paid £7.7m in ransom to REvil ransomware gang

JBS Foods, the world’s largest processor of beef and poultry products, has admitted to paying a ransom of $11 million to cyber criminals, a week after it announced that operations…

Related Articles

[s2Member-Login login_redirect=”https://www.teiss.co.uk” /]