The Latest in IT Security

Why you shouldn’t trust Google+ Verified Accounts

22
Aug
2011

Google+ verified accountGoogle may have started to roll out verification badges for celebrities and public figures who have Google+ accounts. But, unfortunately, it’s not going to close the door to fraud on the fledgling social network.

The idea is to make it easier for members of the public to tell if they’re the person you’ve added to a Google+ circle is the real Dolly Parton, the real Britney Spears or the real Alyssa Milano.

According to a Google+ post by Googler Wen-Ai Yu about the initiative, verified accounts have a grey checkmark next to their name. Rolling your mouse over the tick, shows that it is a “verified name”.

So, for instance, Britney Spears now has a verified account on Google+ (I’ve added the helpful red crayon):

Official Britney Spears Google+ account

Whereas this unofficial Britney Spears account doesn’t:

Fake Britney Spears Google+ account

What is far from clear is how the verification system works, and what hoops celebrities and public figures need to jump through to convince Google+ they are who they say they are. Furthermore, there are no signs yet that the system is going to be rolled out to the general public anytime soon.

It looks like it’s going to be a case of “If you are a Google employee or if you’ve got enough celebrity or social media clout, then you may be able to get verified – otherwise.. tough”.

But there’s a bigger problem.

Google+ is following in Twitter’s footsteps regarding a way to verify the accounts of public figures and celebrities.

A “Verified Account” badge only tells you that it’s the official Google+ page for that person. Importantly, it doesn’t tell you that it really was that individual that wrote the message you just read.

It won’t stop celebrity Twitter users from choosing dumb passwords, or being careless with their credentials.

Poor Britney Spears and Lady Gaga, for instance, are just a handful of the celebrities who have had their verified Twitter accounts compromised in the past.

Britney Spears has her Twitter hacked

And if Google+ does eventually roll out verified accounts to the great unwashed public, remember this. If it’s your (non-celeb) friend or family member who has their Google+ account comandeered by hackers you’ll be just as susceptible as ever to believing their posts to be true and in danger of clicking on their (potentially malicious) links.

None of this is to say that Google+’s verified account facility is a bad idea. It’s just not as much of a security fix as some folks might hope.

All it does is tell you who the account belongs to, not who posted the messages to it.

If you’re on Google+ and want to find out more about security threats, why not add me to your circle? Sorry, but not being a celebrity, it’s an unverified account. 🙂

Leave a reply


Categories

FRIDAY, MARCH 29, 2024
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments