Creepy Facebook apps mine your profile for bikini shots, break-up status

Some third-party Facebook apps are moving into territory that's downright disturbing

The world has fallen for Facebook hook, line, and sinker. It puts you in touch with old friends! It lets you share photos and videos! But plenty of people hate it, too--and for equally good reasons. All of that information you put out there could end up in the wrong hands, leading to anything from minor privacy violations to dangerous oversharing.

Facebook isn't to blame. More and more apps built to take advantage of the social network's very social tools are hopping the fence from useful and crossing over into downright creepy territory. I looked at several of these apps, which handle tasks such as searching for photos of your friends in their bikinis to notifying you about people who are newly single, to see just how disturbing they are. Some worked more or less as advertised. Others failed miserably, which is good news, as some of the very concepts made my skin crawl.

On the Rebound

On the Rebound is both more and less disturbing than I expected. My expectations were lowered when I realized that this app's tagline is, "We don't post to your wall...ever." Not exactly a way to earn trust and respect. Neither is the fact that its disclaimer states, "On the Rebound is for entertainment purposes only. It will not help you get laid, but if it does, please let us know."

On the Rebound is designed to analyze Facebook data to "find the perfect time to score a friend on the rebound." But after testing it, I realized that it isn't quite as scary as I'd expected. It's severely limited by the amount of information that Facebook users share. When you connect this app to your Facebook account, it displays a list of your friends who are currently single--but it includes only those who have set their official relationship status to one of the app's choices, which are single, divorced, or separated. That's why it identified only 10 prospects in my tests.

Once your "love interests" are identified, you can select one to analyze. On the Rebound calculates a "rebound rating" on a scale of 1 to 100. It offers its advice on how to proceed, which ranged from "Have a few drinks, make a new 'friend'" to "Is he still out doing the scene?"

I used the app to analyze the profiles of a few friends--while breathing a large sigh of relief that no one would be notified of my actions--and was more amused than alarmed by what it told me. On the Rebound can detail the dates of your friends' last relationships, but only if they've authorized Facebook to share that information with third-party apps, and all 10 of my prospects had declined. It offered the same analysis of two friends: "She's either depressed or a party girl. Figure out which before going forward." My friends couldn't be more different. (You can select to display only males, only females, or both.) And of one friend, who would be far more likely to be at home with a book than out on the town, it asked, "Did you meet her in a club?"

Breakup Notifier

Breakup Notifier promises that you will be "the first to know" when the object of your affection ends his or her current relationship. But, in my tests at least, this app proved incapable of delivering on that promise.

It's similar to On the Rebound, only with intentions that seem a little more pure--on the surface, anyway. It assumes you wouldn't attempt to date anyone who's currently spoken for and that all of your friends will update their Facebook relationship status immediately upon ending things. Both of those may be a reach for some of the folks interested in this kind of app.

It's simple to use: It presents you with a list of friends and you select the ones about whom you'd like to receive notifications. Then, you sit and wait. And wait. And wait. It's supposed to deliver an email notifying you of the status change, but failed to do so in the 48 hours after two of my friends changed their relationship status to single. If I were to rely solely on Breakup Notifier to find out about relationships ending, chances are good I'd be the last to know.


On the surface, Badabing just might be the creepiest of the apps tested for this roundup--so much so that I'm hoping no one will ever see it installed on my phone. This $1.99 iOS app searches through Facebook photos of your friends, looking for shots taken on the beach or the pool, especially those in which the subjects are wearing bikinis. It uses an image recognition algorithm that looks for, well, skin. If that alone doesn't creep you out enough, consider that you can save and rate your favorite photos.

The good news is that in my tests, Badabing didn't work nearly as well as the company claims it can, boasting an 83 percent success rate. I tested it on my own photos, and the majority of the ones it found were not taken outdoors, and only a few showed anyone in a bathing suit. Some of the misfires were understandable--one was a baby in a diaper, showing plenty of skin--while others, including a bride inside a reception hall wearing a floor-length wedding dress and a fully clothed baby sitting in a high chair, were not.

Friend WatchDog

Of all the apps I tested for this article, none made me feel more like a peeping Tom than Friend WatchDog. This free app isn't doing anything underhanded, as all of the information it gathers is freely available online. It tells you how often your friends have logged onto Facebook and Skype in the past week, and shows you the status updates they posted during that time. You could see all of this information for yourself if you spent all day online. But Friend WatchDog presents it all in a very scannable graph, which makes it almost too easy to keep tabs on your friends--and made me feel like I was tracking their movements.

How to avoid creepy apps

The first step in protecting yourself from any of these apps is limiting how much you share on Facebook. If you don't want third-party apps checking up on your relationship status, don't enter one. You can leave it blank, and all of the folks who are your real friends will still know whether you're married or single, or whether "it's complicated." Similarly, if you don't want your friends searching for bikini shots of you, don't post them. (And, as an aside, if you have the kind of friends who might be tempted to do so, you may want to rethink your friendship--but that's just my opinion.)

Of course, it's not impossible to share information on Facebook and maintain some semblance of privacy. You just need to update your Facebook privacy and account settings, and check their status often to keep up with Facebook's constant changes. Under General Account Settings, you can access your Privacy and App Settings. Under the Privacy section, you can limit who can see information you post in the future, as well as information that's already been posted.

Under the Apps section, you can limit the reach of the Apps you use and, perhaps more importantly, the Apps others use. Here, you can prevent third-party apps used by your friends from accessing your personal information and the data you post. Uncheck any of the listed items that you do not want those apps to access, such as your birthday, status updates, education and work, and more. You cannot prevent those apps from accessing some of the information that Facebook considers public, such as your name, networks, profile and cover pictures, gender, and friends list. If you'd like to block this information, you can block all access to apps, but that means you won't be able to use any of them yourself. It also means you won't be able to use Facebook to sign in to other websites. That's a drastic step to take, but it's one that will keep you safe from the creepiest Facebook apps out there.

Join the CSO newsletter!

Error: Please check your email address.

Tags Internet-based applications and servicesiossecuritysoftwareoperating systemssocial mediainternetprivacyFacebook

More about FacebookSkype

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Liane Cassavoy

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts