Facebook: The new frontier of fraud

click to expand image
Facebook:        The new frontier of fraud
In just one year, one of the most patronised social networks, Facebook, has jumped from number 17 to the number four position as the most treacherous web chain. TOYOSI OGUNSEYE writes that changing your password can make all the difference

Last year it was number 17. This year it is number four. In one year, Facebook has soared from the 17th to the fourth most treacherous web terrain, behind porn and software-sharing sites.

Fraudsters seem to be tired of sending electronic mails that attempt to get one’s Automated Teller Machine card details or bank sign-in information.

Now, they have devised a new method of getting information about people’s bank accounts, by posting scam messages on Facebook.

Tom Clare, Head of product marketing at Blue Coat, an Internet security company that does annual reports on web threats, says that these fraudulent messages appear appropriate in the Facebook setting that one is likely to not only get conned, but spread the scam.

What makes Facebook so treacherous and vulnerable? Clare answers, “Us.”

An Information Technology expert, Korede Bolaji, explains that this scam begins when people are bombarded with requests to set up passwords to get into their work computers, online bank accounts, Facebook and every other web-based subscription.

According to Bolaji, the requests are not really the problem but the manner people respond to it, “Most of us use the same password. Crooks have the knowledge that most users use the same password for everything. If they can get your user details for your Facebook account, there’s a good chance that they have the password for your bank account.”

Being smart enough to have separate passwords for Facebook and financial accounts however does not totally solve the problem. Clare explains that fraudsters get at one through a variety of phishing attempts that one might think are Facebook games and widgets, “But look closely and you’ll realise that they deliver answers to all of your bank’s security questions and possibly clues to your passwords right into the hands of the crooks.”

What are the ways these Internet scammers use the Facebook to jeopardise one’s security? Clare says that the number one is: LOL. Look at the video I found of you!

According to him, this is the most dangerous of all the spam messages and it comes in a variety of forms. He says, “It’s actually a bid to surreptitiously install malware on your computer. This malware can track your computer keystrokes and record your sign-in and password information with all of your online accounts. You may be completely unaware of it until you start seeing strange charges hit your ATM cards or bank account. Up-to-date security software should stop the download. If you don’t have that, watch out.”

This application works when one clicks on the link that says that you need to upgrade your video player to see the clip. If the person hits the “upgrade” button, it opens one’s computer to the crooks, who ship in their software.

Clare adds that if one really thinks a friend is sending a video clip, it’s good to double-check with the friend to be sure before one clicks on the link. Research has shown that most of the time, the friend will deny sending you such a video.

Bolaji adds that another fraudulent link is: Your friend just answered a question about you!

He says, “It is possible that an old friend answered a question about you that you needed to “unlock?” But when you click on the link, the next screen would request permission to (a) access your name, profile picture, gender, networks, user ID, friends and any other information shared with everyone (b) send you email (c) post to your wall and (d) access your data any time regardless of whether or not you’re using their application. Once you click on ‘allow’, all your personal details become theirs.”

Who knows you best? is also an application of accessing bank accounts deceitfully through Facebook says Clare. The message usually reads: Can you do this? My middle name __________, my age ___, my favorite soda _______, my birthday ___/___/___, whose the love of my life ______, my best friend _____, my favourite colour ______, my eye colour _______, my hair colour ______ my favourite food ________ and my mom’s name __________. Put this as your status and see who knows you best.

The challenge of putting this type of message as one’s status, Clare says, is that many of the answers are the same facts some people use to verify their bank details.

He says, “Put this as your status and everybody including all the people who want to hijack your bank accounts will know you well enough to make a viable attempt.”

The experts add that another gimmick is: We’re stuck! which started out as an email scam, but now the “We’re stuck in [Europe/Asia/Canada] and need money” scam has moved to instant messages on Facebook, where it can be more effective.

So many Facebook users have fallen for these antics. Israel Tayo, a secondary school student says that he had seen these applications and clicked on them innocently, “I always think that they are games and I love games so much so I click on them. But I must say that I always wondered why they asked for so much information just to play a game. After answering all the questions, my computer would go blank so I would just restart and forget about it.”

The good news for Tayo and others that have used these applications is that Facebook has upgraded its security system on how to combat account hijacking that allows crooks to send messages and posts through one’s account.

Bolaji also offers what appears to be the anecdote of the Facebook threat, “The challenge is that most users don’t bother security settings of the social network. However, if anyone has ever clicked on any of the aforementioned applications just change your password, it erases whatever information they have about you; and don’t click on these applications again!”
 www.facebook.com/emmanuelsamuko 
My Ping in TotalPing.com