Facebook took the world by storm when it announced the launch of Facebook Graph Search – a tool that gives people the power and mechanism to search through the massive pile of information, photos, Likes, music, and other data that is present on the site.
For those who don’t know much about this latest release, Facebook Graph Search is a new search engine tool that allows you to explore things on the basis of relationships and other context. The results are drawn from the limitless pool of tags, status, check-ins, and Likes posted by billions of Facebook users. With the help of this new tool, you can search people with common interests, like “friends who like Star Wars and live in New York” or “friends who visited a particular restaurant in the recent past.”
From the search point of view, Graph Search promises to be a very powerful tool that personalizes your search to make it more relevant and specific. The search results can be specified to a level so as to show only females or only males that match your search criteria. And if you are one of those who are a supremely private Facebook user and are extremely cautious about your privacy settings, then the good news is that the Graph Search respects your existing privacy settings. It allows you to limit your status updates and other sharing on the network only to a curated list of friends.
But even this supreme search tool has its own shortcomings. While the whole world is looking for a chance to try their hands on this amazing feature, attackers are looking toward it as a potential weapon to carry out hacking and phishing attacks. Even security analysts share the same view about Facebook’s Graph Search feature, tagging it as a “double-edged sword” that can allow attackers to “narrow down specific targets, and customize emails or Facebook messages using compelling details about their lives, their friends, the things that interest them, and the places they’ve visited.”
According to Andrew Storms, director of security operations for nCircle, “The new Facebook Graph Search is a phishers’ dream come true. It takes the micro-targeting capabilities that have been available to online advertisers for years and puts them into the hands of cyber criminals.” Alex Horan, security strategist for CORE Security, also raised the same concern, “This means Facebook will want it to have as much information available as possible to respond to each query, ensuring people have a positive experience. This directly goes against the desire expressed by people to keep their information private.” Horan also said that though the entire data is already present on Facebook and is prone to phishing attack, this new feature makes it lot more convenient for attackers to identify their target groups and carry out a customized attack.
So, whether Graph Search will prove to be a “third pillar” of Facebook or serve as a new tool to carry out phishing attacks still remains a question. What do you think about this? Do let us know.