"Evil," a new tool created by Tom Scott, is leveraging Facebook's Graph API to expose Facebook users' phone numbers.
Rather, it's an app that searches Facebook groups created by people who've lost their phones hoping to get friends' numbers, then collects and displays the publicly-shared phone numbers.
Like PleaseRobMe.com, Evil calls attention to the kind of personal information users are sharing online, often without realizing how widely it can spread. Although Evil censors part of the numbers that it displays, "those digits are publicly available," Scott says. "Anyone could scrape them. And produce a phone directory. Or nick them for marketing."
Scott explains how he created the tool:
There are uncountable numbers of groups on Facebook called "lost my phone!!!!! need ur numbers!!!!!" or something like that. Most of them are marked as 'public', and a lot of folks don't understand what that means in Facebook's context -- to Facebook, 'public' means everyone in the world, whether they're a Facebook member or not. So Evil uses the graph API to search for groups about lost phones, picks a couple at random, extracts the phone numbers, and shows them here.
See a demo of Evil in the video below. Have you ever posted your number to one of these "lost phone" Facebook groups? If so, will Scott's Evil app inspire you to delete your posts? Tell us in the comments below.