Facebook Messenger

Facebook Messenger May be Sending out More than Just Your Message

Last updated on February 13, 2019 Views: 547 Comments: 6
More than likely, you are one of the two-billion users on Facebook and have already experienced the new Facebook Messenger App. We use Facebook all the time that we never really take a moment to think about what are the dangers of using Facebook and its associated app. Did you know about all the privacy and security-related issues? Do you know just how much information about you is stored, leading to the possibility of identity theft? Read on to find out.

The road to a separate Facebook Messenger app has been a long one. While a separate app just for messaging has been in the cards since 2011, it wasn’t until 2014 that it became a reality. Now, you no longer send Facebook messages via the regular app, but this specialized messenger-only app. And today, even if you don’t have Facebook, you can still download the app and use your phone number to join.

Additional upgrades to the app, including the ability to send money via the app in 2015, and the advent of voice and video chats, leveled the playing field between Facebook Messenger and rivals like WhatsApp and Viber. With its multiple layers of functionality and access to third party apps for various add-ons, the Facebook Messenger app has grown into its own thing, separate from the ‘regular’ Facebook app. But what does all this mean for your privacy?

Changes to the Facebook Messenger App and What It Means for You

While all these advancements seem amazing, there is an unfortunate side effect – it increases the risk of identity theft. Once you download the app, to use it you need to agree to the terms and conditions. Have you read the ToCs? Probably not, most of us skip them. Therefore, you remain blissfully unaware of what it is that you agreed to when you downloaded this ‘free’ app.

You may not be paying for the app with cold hard cash, but you are paying with your privacy.

Once you accept the ToCs, you agree to allow Facebook to collect lots of information about you. While the majority of this information is used to create personalized ads and tailor goods and services to the individual, if the wrong people get their hands on this information, it can greatly increase the possibility of identity theft.

What exactly are you giving the Facebook Messenger app access to when you click the ‘accept’ button:

App and Device History. The app will be able to read any sensitive log data, go through your browser history and bookmarks, and information on any running apps.

Identifying Information. The messaging app can access your profile information and read your contact card, as well as find and/or remove accounts.

Contact Information. Facebook’s messaging app can read AND modify your contacts, as well as go into your calendar to read it, modify it, and send messages to your contacts regarding your calendar.

Possibly one of the scariest parts of the new app is the GPS tracking capability.

GPS tracking does communication easier – if are meeting up with a friend, you can send them your exact location to come and find you more easily. This, however, opens the door to a host of issues. Every time you send a message, your location will also be tagged. While if you are one-on-one with someone you know, this isn’t too scary; but if you are in a group chat with people you don’t know, they will be able to see where you are. Do you want strangers knowing your exact location? You may want to turn your GPS off.

And there is other information as well the app can take from you – it can read your SMS messages, check out your call log, look over what’s stored on your phone and any external storage (like an SD card), and record audio and visual.

iOS forensics and security researcher Jonathan Zdziarski explained to Motherboard: “Ultimately it comes down to whether or not you trust Facebook not to take advantage of their position on your device to snoop on you. The technical capabilities to do so are certainly there.”

Here’s the TL:DR version: any vulnerabilities in the messenger app could potentially lead to the spilling of your personal information.

How This Can Lead to Identity Theft

Do you know what Facebook does with the information it collects? We do know it sells some of this information to third-parties, which is why the app remains free. (There are issues with this as well, but that’s for another day, and another post.) But with the cyber-crimes black market growing at an exponential rate, what stops someone from hacking into Facebook and getting this information? If this information were to get into the wrong hands, information like names, phone numbers, pictures, and locations can be sold to the highest bidder.

Is Facebook messenger security tighter than Fort Knox? We’d like to think so, but with large corporations like Uber, Target, and Equifax suffering the consequences of large-scale hackings, we can never be too sure. There is always the risk of identity theft via social media, and the Facebook Messenger app is no exception.

How to Protect Yourself Against Facebook Messenger App ID Fraud

Protecting yourself in a world where data collection, leaks, and fraudsters are becoming ever more difficult to spot, has become increasingly important. With Facebook messenger privacy being questioned, here are just a few tips and tricks you can take advantage of, to keep yourself from becoming a victim of ID fraud:

  • Make sure you know everyone on a group chat before posting private information as well as giving away your location.
  • Do not reply to messages from people you do know that look odd, it is possible a friend’s account was hacked, and a scammer is trying to get more information about you.
  • Never share your online credentials with anyone.
  • Set up a two-step verification on Facebook for an added security layer: Click on the down arrow on the far-right side of your Facebook homepage >> Settings >> Security >> Login Approvals >> enable Facebook’s Two-Factor Authentication.
  • Make sure your date of birth is not placed publically on your profile and is viewable to your friends only. Scammers can click through from the Messenger app to your profile and easily access this info.
  • Refrain from using a passport-style photo as your profile picture.
  • Do not use the Facebook Messenger app while connected to a public Wi-Fi account.

What to Do If You Are a Victim of ID Fraud on Facebook Messenger App

If you do happen to fall victim to identity fraud, then don’t panic, there are a number of things you can do right away to limit the damage:

  • Immediately change your Facebook passwords.
  • Place a fraud alert on your credit file – this will ensure businesses verify your identity before issuing credit in your name.
  • Freeze your credit cards.
  • Create an identity theft
  • Report the hacked account to Facebook and/or the individual responsible.
  • Maintain constant vigilance when it comes to your Facebook account, and give your privacy settings a once-over to ensure as much security as possible.


Article comments

Anon says:

I’ve never really trusted Facebook, it’s just not safe to give that much info away and they’re always spamming me with emails.

noname says:

You definitely can’t trust Facebook!!! Remember that picture of Zuckerberg with the camera on his computer covered by tape? If he thinks its necessary to do that then you know they’re watching everything we’re doing!!!

Joe says:

You gotta be careful. A few months ago a friend of mine that I’ve known for years sent me a link in chat. I actually know this person in real life so I didn’t think much of it. After clicking the link, it appeared I was logged out but once I tried and logged back in, nothing happened.

Come to find out that my friend had been hacked and the link was to a spoof site. I ended up losing access to my account and it too days to recover my account. Bad links can come from ANYWHERE.

Serena says:

Wow! I’ve never thought about some of the dangers in this article, especially the dangers of group chatting or having a photo that can be used on a passport. It’s scary that you can’t trust even big websites like Facebook these days.

Mark says:

Do you think Messenger’s security is better or worse than WhatsApp? Is there any reason to use one or the other?

ST Editor says:

Thanks for the great question! We generally like WhatsApp’s end-to-end encryption, which guarantees that all your conversations are encrypted and visible only by you and the person to whom you’re talking. However, as both services are owned by Facebook, we’re hesitant to call one better than the other. If you prefer the added peace of mind of encryption, WhatsApp should be your go-to messaging app!