Total lawlessness at Facebook, as Zuckerberg and Co. caught phishing user email contacts and passwords “without consent”
By Ethan Huff // Apr 05, 2019

Remember those fake emails we all used to get from "Nigerian princes" offering us free money, if only we shared with them our private banking information? Well, Mark Zuckerberg's Facebook has now become one of these scammers, as the social media platform was recently outed for harvesting users' email contacts and passwords without permission, and uploading the data to its servers.


Adding to the litany of data breaches and privacy violations already uncovered, Facebook has reportedly been asking some of its users to "confirm" their private email account passwords in order to "verify" their accounts – only to secretly use these passwords to steal users' contact lists.

Facebook users with overseas or non-mainstream email domains, such as GMX and Yandex, have apparently been the primary targets of this illicit phishing scheme, while users with email accounts at more well-known servers like Gmail have been having their accounts "verified" in secret, without a visible prompt asking them for their passwords.

"When users try to register with certain email providers, including Yandex and GMX, it asks to 'confirm your email address' by entering their password directly into Facebook," a report containing the detailed findings of a lengthy investigation by Business Insider reveals.

"Users of other email providers like Google's Gmail don't see the option, as it makes use of authorization tool OAuth – a common tool for securely verifying your identity without requiring you to input your password as Facebook is doing here," it adds further.

For more related news about Facebook's illegal privacy invasion schemes, be sure to check out

Security expert calls Facebook's password-phishing scheme "sleazy," likening social media giant to a criminal hacker

Once the news broke about this illicit scheme, Facebook was quick to deny any wrongdoing. A spokesman for the Silicon Valley-based social media giant insisted that the passwords harvested by Facebook "are not stored" on its servers. This same spokesman added that Facebook will now be "discontinuing the feature" – not because it was brought to light, of course, but because it apparently wasn't "the best way to go about this."

Commenting on the revelation that Facebook is once again stealing people's private information without permission, security research and expert Bennett Cyphers from the Electronic Frontier Foundation (EFF) declared that the whole scheme is "basically indistinguishable to a phishing attack," comparing Facebook to a basement-dwelling hacker, in so many words.

"This is bad on so many levels," Cyphers is quoted as saying. "It's an absurd overreach by Facebook and a sleazy attempt to trick people to upload data about their contacts to Facebook as the price of signing up. Even when you consent to uploading contact information to Facebook, you should never have to put in your email password to do it," he added, stating bluntly that Facebook's little scheme "goes against all conventional wisdom, basic decency, and common sense."

Former Facebook operations manager Sandy Parakilas left the company last year over these types of shenanigans, which would appear to be routine and even built in to Facebook's entire structure as a company. She describes Facebook's misuse of user data as "horrifying," adding that there are no checks or balances in place at Facebook to ensure that user data is properly protected.

"My concerns were that all of the data that left Facebook servers to developers could not be monitored by Facebook, so we had no idea what developers were doing with the data," Parakilas is quoted as saying.

"Once the data left Facebook servers there was not any control, and there was no insight into what was going on."

Sources for this article include:

Take Action:
Support NewsTarget by linking to this article from your website.
Permalink to this article:
Embed article link:
Reprinting this article:
Non-commercial use is permitted with credit to (including a clickable link).
Please contact us for more information.
Free Email Alerts
Get independent news alerts on natural cures, food lab tests, cannabis medicine, science, robotics, drones, privacy and more. © 2022 All Rights Reserved. All content posted on this site is commentary or opinion and is protected under Free Speech. is not responsible for content written by contributing authors. The information on this site is provided for educational and entertainment purposes only. It is not intended as a substitute for professional advice of any kind. assumes no responsibility for the use or misuse of this material. Your use of this website indicates your agreement to these terms and those published on this site. All trademarks, registered trademarks and servicemarks mentioned on this site are the property of their respective owners.

This site uses cookies
News Target uses cookies to improve your experience on our site. By using this site, you agree to our privacy policy.
Learn More
Get 100% real, uncensored news delivered straight to your inbox
You can unsubscribe at any time. Your email privacy is completely protected.