How scammers used Facebook’s phone number and email address search facility

Data Leak Lawyers - Begin Your Data Breach Claim Today!

Sign-up to a data breach claim today - use our quick and easy form to begin your claim for thousands of pounds in compensation.

Start Your Claim
Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy

solicitors regulation authority

How scammers used Facebook’s phone number and email address search facility

Facebook has been all over the news lately over the data breach scandal involving data being skimmed by Cambridge Analytica. Since news first broke of the scandal, Facebook has been under heavy fire over their data privacy policies, as well as how they use people’s data and how it is shared.

In the latest, it can now be assumed that every Facebook user has had their data improperly shared. But, another issue is the questionable Facebook phone number search facility that has, reportedly, been used by scammers who are abusing the facility for their own gain.

Read on to find out how.

You can (or rather, could) search for a person on Facebook using a phone number or an email address: a feature designed to allow people to search for their friends’ profiles when they have their mobile telephone number or email address.

But scammers have also been using the facility to great effect.

By searching for a phone number or an email address, which by all intents and purposes could be completely made up by the scammer, they can link the search to that person’s Facebook profile in order to gain more information about them.

Here’s an example: a scammer types a random number into the Facebook search facility and finds the number is real and belongs to someone’s profile. Depending on the person’s security and privacy settings, the scammer may now have the full name and address (or at least location) of the victim, and could even see posts they have made which could help them target them more. Say, they put a post up complaining that their telecommunications provider had let them down with a complaint. The scammer could try and pose as a representative from the company and scam the victim.

An email address could be even easier to use given how many of them are hacked from databases all the time. Organisations who have their customers’ information breached often play down the breach when it involves “just an email address”, but a scammer could take that email address – even where it’s nondescript – and could abuse the Facebook search facility to locate the owner’s profile, and therefore find way more data about them.

Ever wondered how people get your data when it seems almost impossible as to how they got it? Well, perhaps this is the reason as to why…

Facebook has previously encouraged users to add their phone numbers for the facility to work, but this has inadvertently opened the door to scammers to abuse the facility. This issue has been known for a long time, yet back in 2015 Facebook reportedly told a security researcher that it did not consider this to be a security vulnerability.

Following the additional scrutiny Facebook has been under as a result of the Cambridge Analytica data scandal, they have now removed the facility.

The content of this post/page was considered accurate at the time of the original posting and/or at the time of any posted revision. The content of this page may, therefore, be out of date. The information contained within this page does not constitute legal advice. Any reliance you place on the information contained within this page is done so at your own risk.

We offer genuine No Win, No Fee agreements for our clients. Why we do this is simple:

Leading Data Breach Lawyers
Our experience speaks for itself.
We will fight for your right to compensation.
Access to Justice
As a victim of a data breach or hack, you deserve your chance to get access to justice.
Risks Assessment
We carefully risk assess your case and take it on if we think we have a good chance of winning the claim.

Request A Callback From Our Team

Fill out our quick call back form below and we'll contact you when you're ready to talk to us.

Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy
Contact is © of Your Lawyers Limited - we are 'Authorised and Regulated by the Solicitors Regulation Authority (SRA number 508768)'
arrow-up icon