Graham Cluley said Facebook now gives third parties access to that information and developers of applications get access to the contact information of users who install their apps.
“These permissions must be explicitly granted to your application by the user via our standard permissions dialogs. Please note that these permissions only provide access to a user’s address and mobile phone number, not their friend’s addresses or mobile phone numbers,” the Sydney Morning Herald quoted Facebook’s Jeff Bowen as saying.
However, Sophos security expert Cluley, has raised doubts over the move.
“You have to ask yourself – is Facebook putting the safety of its 500+ million users as a top priority with this move?” he said.
“It won’t take long for scammers to take advantage of this new facility, to use for their own criminal ends.”
Cluley advised that users should take personal info such as home addresses and mobile numbers off their pages.
Cluley said, “You can imagine, for instance, that bad guys could set up a rogue app that collects mobile phone numbers and then uses that information for the purposes of SMS spamming or sells on the data to cold-calling companies.”