Our study analyses possibilities of misusing social network sites due to irresponsible behaviour of users. Recent surveys show that problems of social network are more often to occur, due to openness as one of the key features of these sites. Social engineering can be misused by attackers concerning on social network with the purpose of gaining sensitive information. There is a conflict between users' security awareness and their actual behaviour, so called privacy paradox. We were interested in amount of information people are willing to reveal in their profiles. We have found out users' behaviour which leads to insufficient protection of published information. These sensitive information are suitable for all kinds of phishing and other similar attacks. In our study we compared two groups of fictive profiles (personal profiles of users having no friends and profiles of users with fictive friends) and studied their success in creating new links in social network. We also considered tools for protecting sensitive information in social networks.