Facebook started spamming the phone numbers listed for two-factor authentication

Some Facebook users complain that Facebook has started sending them notifications via SMS to the phone number specified for two-factor authentication. For example, user Gabriel Lewis from San Francisco says that text messages are disabled in his Facebook settings. However, notifications from the social network still come. As you can see in the screenshot, Gabriel responded to these SMS with the words “Please, stop!”, “STOP” and “No need to send me messages”. Nothing helped.

In the comments on the gikovsky Slashdot ugly joke that Gabriel is just such a "jerk" that Facebook prefers to have among its users. This joke is a reference to the famous words of Mark Zuckerberg. In 2004, in a chat, he called “dumb fucks” users who voluntarily send him their e-mail photos, home addresses, social security numbers and other personal information to the site.

Gabriel Lewis explains that notifications via text messages are disabled in his settings and in general he has not logged in to Facebook for several months.



The only place on Facebook where he indicated his mobile number is in the two-factor authentication settings. In another way, the social network could not recognize it. And he is not alone. In the comments to the posting on Twitter , several more were noted , people who had the same problem. One of them got into an awkward situation: he accidentally sent his relatives and friends “to hell”, responding to spam from Facebook.

The Mashable publication notes that recently there has been a decrease in traffic on Facebook: in the last quarter of 2017, the time spent on the site decreased by 50 million hours a day. Zuckerberg explained this by saying that the company had set the task of “improving the quality of service” and began to show users fewer viral videos. This explains the reduction of time on the site, but such a strategy should bring success in the long term. By the way, the drop in attendance had no effect on the company's revenues, which grew by 47% compared with the previous quarter and reached $ 12.97 billion, profits - $ 4.26 billion.

Facebook critic, associate professor at the University of North Carolina, techno-sociologist Zeynep Tufeki (Zeynep Tufekci) believes that using the phone numbers specified for two-factor authentication is a manifestation of the “disgusting and malicious business model of Facebook” and such actions are unacceptable.


Well-known information security specialist and cryptographer Matthew Green is also sure that this is not a bug at all. Facebook is simply trying to bring back users who haven’t visited it for a long time (the aforementioned Gabriel Lewis just fits into this scenario).


Despite all the fears, the most likely version should be considered a glitch from Facebook. It is hardly possible to imagine that a corporation would risk a violation of the Consumer Protection Act by telephone of 1991 ( Telephone Consumer Protection Act of 1991 , TCPA) because of such trifles. According to this law, it is prohibited to send advertising messages to the user without having received prior consent. Maybe in this case there is no violation of the law, because the messages are not advertising. Maybe from a legal point of view, these SMS are not considered spam - the court should determine this if a lawsuit is filed against Facebook.

Facebook Corporation has a capitalization of $ 522.8 billion, a monthly audience of 2.13 billion people, a daily allowance of 1.4 billion. Why go for breaking the law for a few extra page views?

But even if it is a “glitch”, it once again shows that you should not leave your phone number anywhere. Recently, a survey was conducted on Habré who uses two-factor authentication. And if not, for what reason. So, 31.2% of Habr's users said that they do not use two-factor authentication. One of the most popular reasons is the unwillingness to disclose your mobile phone number (37.7%).



As seen in the example of Facebook, the fears of these 37.7% are well founded. Even if a reputable company promises not to send spam, anyway, the transfer of your phone number to it is fraught with unpleasant consequences. You never know what "glitch" will happen.