Security: Stolen Facebook Accounts Being Used to Phish for Money from Friends

Facebook has been investing heavily in security in recent years - especially in its crusade against the Koobface worm - but one new approach to phishing on Facebook may be cropping up. In a blog post yesterday, SnapStream CEO Rakesh Agrawal published a transcript of a Facebook chat he had with Facebook friend Matt Finkelstein in which "Matt" asked him to wire money to help him buy a plane ticket and leave the place where he was supposedly stranded. However, Agrawal became suspicious, and had the wits to ask the person using his friend's account a question that only his actual friend Matt would know. When "Matt" responded incorrectly, Agrawal knew that his real friend's account had been compromised, and that he was indeed talking to a scammer. The scammer then cut off communication with Agrawal when s/he realized they had been found out. This problem does not seem to be very widespread currently. When asked about this type of attack, a Facebook spokesperson told Inside Facebook: This is a very low volume attack, affecting only a small number of users, but the potential impact to an individual user is high so we’re taking it very seriously. Our team has already detected various trends in the accounts of users who have been compromised. We’re using this data to quickly surface compromised accounts, ideally before the spammers have gotten very far. When we find compromised accounts or they are brought to our attention, we’re working to make sure the accounts get back to their rightful owners as soon as possible. First, we are disabling the account because, in some cases, the spammer has added a new contact email address and removed the old one. We then ask that the rightful owner to contact our user operations team via this contact form. We’re reminding users to be very suspicious of anyone, even friends, who ask you over the Internet to send money. Please verify their circumstances through some other means than the web (e.g. call them or mutual friends). If you see something that looks amiss with any of your friend’s accounts, please report it to us through one of the contact forms on the site. These and other security tips can be found on our security page. Facebook's security staff has been employing a multi-pronged approach to prevent and fight fraud when it arises inside Facebook, consisting of both user education and investing in advanced automated fraud detection systems. Facebook's continued investments in security are vital to the company's future as it stewards enormous volumes of trust (and data) from its users. Here's the full transcript of Agrawal's chat: Matt hi whats up? 7:20am Matt hi whats up? 7:20am Rakesh Hi Matt Everything OK? 7:21am Matt well,im really stuck here in london i had to visit a resort here in london and i got robbed at the hotel im staying 7:22am Rakesh ack… that’s terrible. Sorry to hear it. 7:22am Matt yeah,thanks we just want some helo flying back home 7:23am Rakesh So why are you stuck there?’ 7:23am Matt all my money to get a ticket back home got stolen 7:25am Rakesh I didn’t understand this “we just want some helo flying back home” 7:25am Matt help* actually i got some money wired to me to catch a flight back home but we still need $800 more to complete our ticket fee and fly back home 7:26am Rakesh good Honestly, it sounds like someone’s hacked your Facebook account and is using it to defraud your friends. 7:26am Matt i have the money in my checking acct,i cant just access it from here this really me Lauren is here with me and my kids 7:28am Rakesh your wife’s name is on your profile page 7:28am Matt what about my kids name? 7:28am Rakesh in photos? how do we know each other? when did we meet? 7:29am Matt from school I do not know this guy from “school”… So when I responded and he figured out that I was on to him, he blocked me, etc. I tried emailing Matt at his e-mail address, but who knows if that address was his real address or not…

Social Pro Daily

Security: Stolen Facebook Accounts Being Used to Phish for Money from Friends

About

Subscriptions

Events

Publications

WORK SMARTER - LEARN, GROW AND BE INSPIRED.

Subscribe today!