Facebook heavily advertises its new private messaging features. But how safe are these messages? The many current hacking cases and a recent NZZ article about fake identities with FB messages made me think, and the below experiences leaves some doubts: is it possible, that FB messages are read by someone else? What are your views?
We were looking for a new name for followerrate.org. We are extending features and the current name doesn’t fit anymore. After a brainstorming a small group of us decided to go ahead with one name. I wanted to double check the name with @hofrat - he knows followerrate well & I wanted an outside opinion on the name. I DMed the name to him, and for clarification, I wrote him a Facebook message & explained him the changes & extensions of services we are working on.
Someone else registered the Twitter name
Tuesday morning, we started the registration process and were very surprised, that the Twitter handle was not available anymore: A new account was created just a few hours after I sent the FB message.
What may have happened?
- It can probably not be a coincidence -
- The second thought is, that an employee of us (Colayer India) registered or leaked the name. For a number of reasons I think this is unlikely. Only a few knew about it. And it would not be of any use to them, as they know, that we would not go ahead without the twitter handle. Also, the registration time was 2.45am local Indian time – unlikely, as all of them were at work in the morning.
- More likely is a registration in Europe (23.15) or US (early evening). But neither me nor @hofrat talked about the name with anyone else.
- Or is it possible, that someone else, a spammer or hacker has read the twitter DM or the FB message? – In my FB message, I mentioned that we plan to register the url, but nothing about Twitter. A reader could have thought, it would be smart to register the Twitter handle – If he would have registered the url, we would probably have gone for a different name. A plan could have been, to let us build our app on the new name & then sell us the Twitter handle, or use it for spamming.
But is this likely? -
Just a few days ago, @hofrat was the target of a spammer attack – a different case and probably not related – but the amount of recent cases in the world as well as in my network is increasing: and most of the cases are not even public!
Access to message content is not just possible, if someone has a password or a troyan. Also some FB apps are able to read messages in inboxes – Which gives employees (and alumnis?) not only of Facebook, but of many app companies the possibility to get access to messages – Could it be that someone scans messages & tries to use information? -
What would you do?
The twitter account is registered without any public information. No tweets, no bio, no location, no following, no followers. Would you contact Twitter and try, if they re-assign the handle to us? Or would you contact both, Twitter & Facebook because there may be hacking involved, and ask them to investigate the case further? They could see the IP & location of the registrant & ev find out his identity – and in case it was an employee or someone related to us, we should know! -