snopes.com  

Go Back   snopes.com > Urban Legends > Computers

Reply
 
Thread Tools Display Modes
  #1  
Old 21 September 2007, 01:37 PM
Hans Off's Avatar
Hans Off Hans Off is offline
 
Join Date: 14 May 2004
Location: West Sussex, UK
Posts: 4,328
Default Facebook "hacker"

I have just received this via my facebook account...

Seems a little far fetched...

Quote:
If somebody called bm_tnoo7@hotmail.com adds you to their facebook account DONT accept it because its a hacker. Tell everyone on your list because if somebody on your list adds them you get them on your list he'll figure out your ID computer address. So copy and paste this message to everyone even if you hate them and fast because if he hacks their mail he hacks yours.
Reply With Quote
  #2  
Old 21 September 2007, 01:41 PM
James G's Avatar
James G James G is offline
 
Join Date: 12 January 2004
Location: London, UK
Posts: 3,680
Default

Quote:
Originally Posted by Hans Off View Post
I have just received this via my facebook account...

Seems a little far fetched...
Sounds along the same lines as the various hoax warnings on just about every other service, MSN, MySpace etc. I'd pay it no heed frankly. (Although there does appear to be a bug in the facebook API which allows unadded aplications access to E-mail notifications. Either that or it is using friends accounts to pull the gif of your e-mail addy and convert it back to text.)
Reply With Quote
  #3  
Old 22 September 2007, 02:11 AM
stalker stalker is offline
 
Join Date: 10 July 2006
Location: Las Vegas, NV
Posts: 2,014
Default

Quote:
Originally Posted by James G View Post
(Although there does appear to be a bug in the facebook API which allows unadded aplications access to E-mail notifications. ...
I've not used the PHP API so maybe it's different, but in the Java API the user doesn't have to have added the app but still has to have logged in to your app for you to be able to get access to their notifications. Even then, all you get is the IDs that you can use to link them through to though, you don't get the content or access to it yourself.
You can send e-mail notifications to friends of logged in users, but if the friend that your app is sending the notification to doesn't have your app added the user has to confirm it.

Quote:
Originally Posted by James G View Post
... Either that or it is using friends accounts to pull the gif of your e-mail addy and convert it back to text.)
Even added apps have no access at all to anything along those lines. It can find a list of friend IDs for logged in users but that's about it. For the logged in user you can access more information, mainly the basic profile info, but there's no detailed contact info in there.

Sorry for all the poo-poo'ing, but I didn't want people worrying about evil facebook apps stealing their info when they're actually very restricted in what info they have access to.
Reply With Quote
  #4  
Old 22 September 2007, 07:45 PM
lil hobbit
 
Posts: n/a
Default

not to pick nits but isnt is your ip computer address? and not your id computer address?
Reply With Quote
  #5  
Old 22 September 2007, 07:49 PM
sarahmonkey's Avatar
sarahmonkey sarahmonkey is offline
 
Join Date: 25 March 2005
Location: Monett, MO
Posts: 2,973
Default

This doesn't even really make sense, as on Facebook you are not identified by an e-mail address or screen name but simply by your first and last name.
Reply With Quote
  #6  
Old 23 September 2007, 01:15 AM
Not_Done_Living's Avatar
Not_Done_Living Not_Done_Living is offline
 
Join Date: 02 September 2006
Location: Markham, ON
Posts: 3,255
Default

All these "watch out for such and such" he's a hacker invariably start out as a personal vendetta against one person... which is pread and spread and spread until strangers are getting it and spreading it..
Reply With Quote
  #7  
Old 23 September 2007, 02:38 AM
stalker stalker is offline
 
Join Date: 10 July 2006
Location: Las Vegas, NV
Posts: 2,014
Default

Quote:
Originally Posted by lil hobbit View Post
not to pick nits but isnt is your ip computer address? and not your id computer address?
Yep, and unless you're browsing through a proxy, every website you go to has access to it. It's not exactly a security risk for people to know it.

And, just to clarify, the ID I referred to is a unique ID that facebook gives each of its users, messages, notifications, etc. It's useless in everything other than facebook and its apps.

Last edited by stalker; 23 September 2007 at 02:45 AM. Reason: My punctuation fu is poor tonight
Reply With Quote
  #8  
Old 24 September 2007, 04:43 PM
GingerJess
 
Posts: n/a
Default

With all the crap that has been added on facebook, it wouldn't suprise me if a hacker got in. But what is there to hack?
Reply With Quote
  #9  
Old 24 September 2007, 05:59 PM
Canuckistan's Avatar
Canuckistan Canuckistan is offline
 
Join Date: 27 March 2005
Location: Toronto, ON
Posts: 30,122
Icon18

Quote:
Originally Posted by sarahmonkey View Post
This doesn't even really make sense, as on Facebook you are not identified by an e-mail address or screen name but simply by your first and last name.
Which makes this guy stand out even more, huh? Now there's reason to be caught by the Facebook Hacker!
Reply With Quote
  #10  
Old 14 October 2007, 02:34 AM
GrUvGrL
 
Posts: n/a
Default

Quote:
Originally Posted by sarahmonkey View Post
This doesn't even really make sense, as on Facebook you are not identified by an e-mail address or screen name but simply by your first and last name.
That was my first thought.

I have however received a email notification of someone I never heard of wanting to add me to their facebook. When I logged on the notification was nowhere to be found. And when I searched the name... well, pages and pages of people with the same name came up.
Reply With Quote
  #11  
Old 28 October 2007, 02:03 AM
Barbara's Avatar
Barbara Barbara is offline
 
 
Join Date: 19 February 2000
Location: Los Angeles, CA
Posts: 7,368
Default

Looks like this would be a good time to add a link to the page we did about this hoax.
Reply With Quote
  #12  
Old 17 November 2007, 10:44 PM
MiddleEye
 
Posts: n/a
Default

If the message you got was supposed to be some sort of official warning from facebook itself I would ignore it completely because most companies send out mail with correct punctuation. Or at least try a little.
Reply With Quote
  #13  
Old 24 November 2007, 11:17 PM
46liter
 
Posts: n/a
Tantrum Middle eye is right

The techno-geeks should learn how to spell and punctuate. The most irritating thing I see all over the internet is bad spelling and poor punctuation. The abuse of apostrophes is epidemic in nature.
So there. I feel better now
Reply With Quote
  #14  
Old 24 November 2007, 11:54 PM
Jerry
 
Posts: n/a
Default

I would simply copy and paste the letter into a new e-mail and send it to Facebook security or help section with an explaination.

When it comes to anything like that The company or host site should be informed right away .
Reply With Quote
  #15  
Old 27 November 2007, 10:37 PM
PinkFloydFan666
 
Posts: n/a
Default

It's Tom!
But I don't think they'd be able to do that if they're JUST on your friends list
Reply With Quote
  #16  
Old 04 December 2007, 08:06 PM
Capri
 
Posts: n/a
Default The Facebook Hacker with an Identity Crisis

The hacker seems to have been given different email addresses, different names, and according to those names, this hacker is likely to switch genders at will too.So far I've heard of she/he being called Kurt Chapman, or Charlotte Simmonds, with these weird addresses, bumtnoo7@hotmail.com and bm_toon7@hotmail.com

The sites I've collected so far on this hoax, including of course, Snopes

Facebook Hacker Hoax Info:
http://www.sophos.com/security/hoaxe...ok_hacker.html
http://www.hoax-slayer.com/bumtnoo7-hacker-hoax.shtml
http://www.snopes.com/computer/internet/dontadd.asp
http://bulkanix.blogspot.com/2007/11...in-letter.html
http://grantalias.vox.com/library/po...book-spam.html http://pyrrhamaniac.blogspot.com/200...ed-so-far.html
Reply With Quote
  #17  
Old 10 December 2007, 11:14 AM
TomBernard
 
Posts: n/a
Default

Quote:
Originally Posted by stalker View Post
Yep, and unless you're browsing through a proxy, every website you go to has access to it. It's not exactly a security risk for people to know it.
Indeed, there are various websites that will let you know your IP address, as well as location, ISP, operating system, etc.
Reply With Quote
  #18  
Old 10 December 2007, 11:59 AM
Jonny T
 
Posts: n/a
Default

Quote:
Originally Posted by TomBernard View Post
Indeed, there are various websites that will let you know your IP address, as well as location, ISP, operating system, etc.
there are also some, uh, less innocent ways to find the first...
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is On

Forum Jump


All times are GMT. The time now is 06:54 PM.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.