Malicious bots masquerading as human users are able to infiltrate Facebook, according to research from the University of British Columbia. It demonstrated its claim by making off with 250GB of users' personal information. But the social network says it has "serious concerns" over the credibility of the research.
The study, reported by our US cousins at CNET News, saw researchers unleashing 102 'socialbots' -- programmes that behave much like proper humans do on Facebook. They have a made-up name, a profile photo and can post messages and send friend requests.
Those bots then sent friend requests to 5,053 randomly selected Facebook users. The bots only sent 25 requests per day to avoid triggering Facebook's anti-fraud measures, but nevertheless in the first two weeks about 19 per cent of people accepted those fraudulent friend requests -- a statistic that makes us despair for humanity.
Over the next six weeks thousands more requests were sent out, to friends of people who had accepted requests in the first round. These proved much more successful for the researchers, with about 59 per cent of people accepting a request from someone they didn't know, but with whom they had a friend in common.
The researchers claimed that only 20 per cent of the socialbots were blocked, and only because other people on Facebook reported them as spam accounts.
Facebook isn't too impressed by the data -- in a statement to CNET UK it said, "We have numerous systems designed to detect fake accounts and prevent scraping of information. We are constantly updating these systems to improve their effectiveness and address new kinds of attacks.
"We use credible research as part of that process," the social network stated, adding, "We have serious concerns about the methodology of the research by the University of British Colombia and we will be putting these concerns to them."
Read the paper for yourself here (PDF link). Was the study fair? Should researchers be purloining personal data, even if it is to prove a point about Facebook security? Let us know what you reckon in the comments, or on our Facebook wall.
Oh, and if someone with a name you don't recognise and a face you've never seen before sends you a friend request on Facebook, think twice before accepting.
Image credit: CNET News