A recent study was conducted by Wali Ahmed Usmani, a graduate student in computer science at the University of British Columbia. The researchers conducted a survey of 1,308 American adults and asked them if they had ever snooped on a family member, friend or romantic partner by accessing their Facebook account without their permission.
More than one-in-five (24 percent) of those surveyed answered they have. When asked if they ever had someone close to them access their Facebook without permission, 21 percent said they had.
The access without permission to Facebook accounts was accomplished by using the devices of the person whose account had been entered. Access was usually gained when the owner of the computer or phone left it on logged in to Facebook and then left the immediate area. Such things as passwords or PINS were not needed in gaining access.
While examining Facebook being accessed by insiders, researchers broke the motivation for doing so into five areas; fun, jealousy, curiosity, utility and animosity. While some reasons did not result in serious repercussions, others did.
The researchers found most of the time those who gained unauthorized access did something they thought was funny. They would change the user’s profile picture, change the person’s status or enter what they thought was a humorous post. But the consequences were more serious when motivated by jealousy. One of the paper’s authors, Professor Ivan Beschastnikh, said those whose motivation is jealousy plan their actions carefully and usually remain on the Facebook account for at least 15 minutes. In many instances, the act results in the termination of the relationship. Some unauthorized entries into Facebook result in criminal charges.
The report states unauthorized use by insiders is so numerous ways must be found to prevent this type of entry and report it to the owner of the account. People are encouraged to change their passwords frequently and use an authenticator. And people should never give anyone else their passwords. The study’s authors suggest installing a passive log that would record the amount of time browsing took place. This would not stop anyone from using another person’s Facebook account but might serve as a deterrent.
In the end, there is only one solution to stop attacks from insiders; always log out when you leave your device.
