A quartet of researchers from the University of Biritish Columbia recently demonstrated how "Socialbots" can "harvest vast quantities of personal data" on popular social networking site Facebook.
Socialbots aren't creations of the researchers—they've been around for a while but are growing in popularity—but the researchers did prove how easily these bots can access private information.
Facebook, which notably dubbed the research "overstated and unethical," appears prone to computer programs that mimic real Facebook profiles. The software performs basic social networking activities such as posting status updates and, of course, issuing friend requests. Using one "botmaster" to manage 102 socialbots, their software sent 8,500 Facebook requests, of which 3,000 were accepted.
With these friends in tow, the socialbots were able to access more than 46,000 email addresses and over 14,000 home addresses.
Quoth BBC News:
In their paper, due to be presented at next month's Annual Computer Security Applications Conference in Florida, the researchers wrote: "As socialbots infiltrate a targeted online social network, they can further harvest private users' data such as email addresses, phone numbers, and other personal data that have monetary value."
"To an adversary, such data is valuable and can be used for online profiling and large-scale email spam and phishing campaigns."
However, Facebook said that the experiment was "unrealistic," with a spokesperson affirming to BBC that "we have numerous systems designed to detect fake accounts and prevent scraping of information." Plus, the onus should be on the people who befriend strangers, the social network says.