Written April 2009
By Cliff Feldwick
That noise is your address book being scraped. No, not scrapped, but scraped for information.
This column was planned as an amusing tale of a friend's encounter with the unexpected aspects of Facebook. However, a recent article on Windows Secrets, an online newsletter for the more technically inclined, revealed yet another dark side of the computer business.
I recently received a "friend" invitation from someone I had never, ever expected to be on Facebook. Her dismissal of the whole concept as a juvenile time-suck was pretty firm. So when the invitation arrived, I replied that hearing from her in this fashion was surprising, but I happily confirmed.
But it turned out that it was a little surprising for her, too.
When trying to catch up with an old friend who had moved, she sent an e-mail to an old, but still apparently still usable, address. He replied with a Facebook invitation, and she signed up just to keep in contact.
The next step was the slippery one. Facebook offered to use its "friend finder" to see if other people she knew were on Facebook and she agreed. Since she was on AOL, it asked for her e-mail password.
At this point, let me note that you need to be aware that most of these networking sites have similar tools that build your network and they all ask for this way into your information. That's why you should be wary.
Yep, just as feared, it went into her AOL address book and proceeded to send Facebook invitations to everyone in there, which is why I got one. So did a bunch of people she works with, some old boyfriends and more than a few people that wouldn't be on her usual list.
When the replies started coming in, including at least one offer to post old photographs, the "oh, damn" realization arrived. Now what? How can you politely uninvite the unintended?
Embarrassing, but probably harmless. It's sort of like watching the new people to Facebook post things to a friend's "wall" and not realize that doing this, as the name suggests, opens a space where everyone can read it (rather than a personal e-mail).
Regular "business networking" sites, such as LinkedIn and Plaxo, also offer to get info from Gmail, MSN, Yahoo, AIM, etc. Probably because of this, and the use by social networking sites of "friend" tools, people have become accustomed to allowing access to their contacts. And here come the scrapers.
Still More From the Dark Side
A new batch of programs have sprung up, marketed to web site operators and marketing firms, which mimic the friend tools. Bearing names such as TrafficXplode and the more revealing ViralInviter, they are cleverly written to look like social networking tools. And they ask for your e-mail password/access to your Outlook contact list.
Where that information goes after that is what causes trouble.
Yep, the spammers have been using these same programs to get lists for their weight loss and "make millions overnight" schemes. And since the "invitations" often come from people you know (who gave access to their address lists), you're more likely to respond.
One scammer used a fake Plaxo invitation that deliberately had some wrong information. Many people would react by going "Whoa, that's wrong" and correcting it. Oops.
What to Do
It's easy to suggest avoiding using the easy network building tools, but it's not the easiest advice to follow because they're so convenient. But ask your friends not to use them, either. Really, is it ever a great idea to share your passwords with a third party?
Have separate addresses for home and work e-mails and never use the work one for social aspects. That's a good idea anyway. You can also get "disposable" e-mail addresses from Google or Yahoo that forward your mail to your real address, then you can kill them when the spam starts arriving and get another one.
Facebook is actually more protective of its information than a lot of sites. However, you have to realize that the information on an average profile is quite revealing, thus inviting to identity thieves as well as spammers. Handle with care.
More Junk
Speaking of Facebook, have you noticed the ads on the right side of its page that defy any credibility? First there were the "get your free stimulus check" ads, often with pictures of President Obama, offering "free government grants" to pay off your mortgage or student loans, start a business or travel to Tahiti. What they ended up doing was getting the Federal Trade Commission involved; Facebook may have actually woken up and canned them, far too late.
Then there were the "Earn $85 an hour part-time" ads - which, if the way the models were dressed was any indication, probably involved prostitution. Now it's the "we need testers" junk that offer free Mac laptops or digital cameras that are "yours to keep" for evaluating this product.
It reminds me of the less-quoted half of P.T. Barnum's famous quote of "There's a sucker born every minute" - which was, "and two to take him."