A Sophos experiment has shown that 41% of UK Facebook users ain't that smart.
The IT security firm invented a Facebook profile, "Freddi Staur" (an anagram of "ID fraudster" - the wits) who was in actual fact a small green plastic frog, and then randomly selected 200 Facebook users to target.
They asked invited the users to befriend Freddi - which would give them access to the users' profiles - and 87 accepted.
Of those 87 who granted Freddi full access to their profile, Sophos analysed the potentially dangerous information that these people revealed about themselves, to a complete stranger.
72% of respondents divulged one or more email address, 84% listed their full date of birth, 87% provided details about their education or workplace, 78% listed their current address or location, 23% listed their current phone number and 26% provided their instant-messaging screen name.
One brain box even let slip his mother's maiden name - which is a common security question for online and telephone banking.
"It certainly doesn’t bode well when you’re talking about privacy concerns", Ron O’Brien, a senior security analyst at Sophos.
"The information they’re offering up could be just as valuable as credit card information for someone trying to build a profile of you. People need to be more selective about whom they provide information to."