Sophos created a fake user, Freddi Stauer (and anagram of ID fraudster), fronted by a picture of a green plastic frog, and sent friend requests to 200 people at random to see what kind of info they could dig up. The results as reported in MacWorld:
Out of the 200 friend requests, Sophos received 82 responses, with 72 percent of those respondents divulging one or more e-mail address; 84 percent listing their full date of birth; 87 percent providing details about education or work; 78 percent listing their current address or location; 23 percent giving their phone number; and 26 percent providing their instant messaging screen name.One gullible individual even gave up that coveted bit of intel -- the mother's maiden name. Sophos also got access to a trove of pictures, likes and dislikes information, names of spouses and partners, even some complete resumes.
If this information about how your employees could be compromising your company's security online alarms you, the Wall Street Journal Business Technology blog offers some further reading -- a study by the Pew Internet and American Life Project on how young people treat their personal information online.