Nine Ways Criminals Use Facebook

Jun 08, 2012

Tags: , ;

In honor of Facebook's public offering, explored the 9 ways criminals use Facebook. With over 900 million users, Facebook claims bragging rights for the single largest social networking web site. Having an enormous community breeds problems. Roughly 20 percent of Facebook users have been exposed to malware and 600,000 reports of hijacked log-ins occur every day at Facebook. How else do hackers get in?

  1. Hacking Accounts. Common tools used to complete a successful hack: using common passwords, names, and dates.
  2. Commandeering Accounts. Criminals log in to an existing user account using an illegally-obtained password and ID. Immediately after logging in, they access the victim's friend list. One of the best schemes is to ask friends for money. The hacker will claim “you” are stranded somewhere and need money quickly. It's effective because a high level of trust exists among users.
  3. User Profile Cloning. The act of using unprotected images and information to create a Facebook account with the same name and details of an existing user is profile cloning. Cloners will send friend requests to the same friends the victim has and gain access to others' information to commit fraud. This is scary, yet simple.
  4. Cross-Platform Profile Cloning occurs when the cyber thief obtains information and images from Facebook and uses them to create false profiles on another social-networking site. This fraud is dangerous because victims may never realize they've been hacked.
  5. Phishing. When a hacker poses as a respected organization or individual and asks for personal data, it's phishing. This occurs mostly via wall posts and direct messages. Once users click on the link, they are sent to a website loaded with malware or to a website where they are asked to provide information.
  6. Fake Facebook. Scammers will direct a user to some sort of clickable enticement, to a Facebook log-in page designed to look like the real thing. When the victim enters a username and password, they are collected in a database, which the scammer will sell.
  7. Affinity Fraud. When the con artist assumes the identity of a person to earn the trust of those close to them. The criminals will exploit the earned trust by stealing information or money. Facebook, unfortunately, facilitates this type of fraud because its network is based around “friending” anyone and everyone.
  8. Mining Unprotected Info. Facebook users tend to reveal their emails, phone numbers, addresses, birth dates, and other private data. A hacker's basic training is to start with this kind of information to access accounts. While the majority of unprotected information is mined for targeted advertising, it can be a means to more pernicious ends such as profile cloning and, ultimately, identity theft.
  9. Spam. Clickjacking is illegal and involves the hacking of a personal account using an advertisement for a viral video or article. The user clicks on the ad which then leads the program to send an advertisement to the person's friends through their account without their knowledge.

Parents need to be aware of these tricks and teach kids about them. Don't wait until you are victimized.

Read another story about how a Facebook "friend" led to an assault or about how openly "friending" can expose your child to sexual predators.

I work for ContentWatch and all opinions expressed here are my own.