Site icon Sophos News

Facebook’s see yourself bald app: extreme hackers or extreme hoax?

Beware the “extreme hackers!” They’re the WORST! They’re “gaining control of people’s personal information and selling it on the black market!!!!”
Not just any people, mind you: they’re preying on all those Facebook users who want to see what they look like bald or as the opposite sex!!!
…Or NOT!!!!
Yes, this is the let’s-freak-out-Facebook-users viral hoax of the day! Some hoaxster(s) came up with a fiction about “extreme hackers” stealing personal information via popular entertainment apps that transform your photo, showing you how a gender-bending or less-hirsute version of you would look.
Since last month, the hoaxes have been spreading faster than a razor blade on an aloe vera skating rink.
Here’s one of many you could find on Facebook as of Thursday, when it had been shared nearly 13,000 times and had picked up 671 comments:
And here’s the full text:

WARNING FACEBOOK
There is a website link traveling around Facebook at an extraordinary rate which allows you “to see what you would look like as the opposite sex” and also one that lets you see what you look like “as a bald person”.
DO NOT enter these links, they are controlled by extreme hackers who are now gaining control of people’s personal information and selling it on the black market. As soon as you have clicked share to Facebook it gives these hackers instant access to your own personal details and puts your family and friends personal details at risk.
PLEASE SHARE TO MAKE YOUR FRIENDS AWARE

Snopes debunked the viral warnings on Wednesday.
Yes, the apps do access personal information in users’ profiles, but not in an illegal way. The security threat they pose is “exaggerated,” according to Snopes. After clicking on a link in one of these entertainment apps, an external web page opens and instructs the user to log in with Facebook to see the results.
In fine print at the bottom of the page is this disclaimer:

This app uses data and contents only if they are publicly available or with the consent of the users. We kindly ask you to use the app only, if other users will not be affected adversely.
*Only users who have reached the age of 16 may use this free function. You agree that your picture will be transmitted to the provider FaceApp (St. Petersburg, RU) for the sole purpose of its editing and will be deleted afterwards (data protection and objection notice).

And what information will those baldifying, sex-swapping Russian app makers get out of our clicks?


Snopes says that users who click are presented with a dialogue box informing them that certain information (typically their Facebook profile data, photos, and e-mail address) will automatically be shared with the web site if they continue. Some of the apps also request permission to post on the user’s Facebook page.
Users who continue are then presented with a selection of photos from their Facebook page and invited to choose one for alteration. The app then displays before and after versions of the photo: one with hair, one without. Then it invites the user to like the app.
Snopes calls it “relatively harmless.” Of course, we always have to be careful when granting apps access to our personal data. Snopes advises checking out the Terms of Service and Policy notifications to make sure you know exactly what you’re signing away. Like, say, your firstborn. (Don’t have the time? Check out a new machine-learning project that turns privacy policies into pretty flowcharts!)
Here’s Facebook’s overview of what types of information games and apps are allowed to collect when you install them:

Keep in mind when you install an app, you give it permission to access your public profile, which includes your name, profile pictures, username, user ID (account number), networks and any info you choose to make publicly available. You also give the app other info to personalize your experience, including your friends list, gender, age range and locale.

Of course, just because this viral hoax is hyperventilating doesn’t mean we shouldn’t be concerned about all of the data Facebook and other parties with less than honorable intentions – say, political ad buyers – gobble up from us.
But as far as the hoax slayers are concerned, we can take a deep breath and relax when it comes to the bald-you and gender-swapped-you apps: they’re really not extremely hackerish. The only hacksters at work here appear to be the hoax makers who are whipping people up over nothing.
Which brings me to my favorite comment I’ve seen so far on these hoax posts:

And there’s another post going round about hackers stealing people’s information that actually tests how gullible a person is and shows how quick scaremongering posts spread by social media… keep an eye out for it!!


Exit mobile version