Social networking scams
With Thanks to SophosLabs for the footage
Social, dating and business networking websites like Facebook, MySpace, Bebo, LinkedIn and Friendster, allow you to create your own profile and share conversations, photos, videos, links and personal information with your friends and other online users. Unfortunately scammers also use legitimate and trusted online networking services to create profiles using fake names. They then use these profiles to personally target victims with scams.
You can be targeted in a number of ways, for example a scammer might request to be your friend so they can access your personal information. They may pose as a person that you know and trust or may appear to be a stranger, but perhaps report having similar interests. Members of special interest groups on social networking sites may also be targeted by other group members with scams. Scammers may fake a common interest in order to join these groups and gain your trust.
Scammers have also tricked users into handing over their social networking password and username. They do this by sending fake but genuine-looking emails or messages, supposedly from the social networking service, requesting ‘confirmation’ of your username and password. This is called ‘phishing’.
Once a scammer has your password they can gain control of your account and pose as you. They may then use your account to send bogus distress messages to your friends and family claiming that you are in trouble and need money urgently. Scammers will often commit this scam whilst you are travelling if you have posted your holiday plans on your social networking profile. Scammers can also perpetrate this scam via email if they obtain access to your email account.
Approaches may also be made through social networking sites for scam products and services or products falsely advertised as free. Be wary as you can’t always trust claims and product testimonials - it is easy for people to lie in the online environment.
Remember - the details you enter into any part of your personal profile or a friend’s profile may be visible to anyone, including scammers. Some social networking websites have privacy settings which let you limit the people who can view your profile.
In order to protect yourself from social networking scams:
Keep your personal details personal - be careful what information you share and post online and with whom you share it– expect that people other than your friends can see it.
Make sure you don’t post information that would make you or your family vulnerable – such as your date of birth, address, information about your daily routine, holiday plans, or your children’s school.
Set your online social networking profiles to private, never give out your account details and regularly update your computer’s security software. Protect your accounts with strong passwords and change them regularly - have a different password for each social networking site so that if one password is stolen, not all of your accounts will be at risk
Don’t accept a friend request or a follow request from a stranger - people are not always who they say they are and the best way to keep scammers out of your life is to never let them in.
If you receive an unexpected request for money from what appears to be a friend or family member, contact your friend via another means to check the request is genuine before responding or providing money. Do not use any of the contact details in the message. If you send money and it is a scam, neither you nor your friend will ever see the money again. And finally never click on suspicious links on social networking sites – even if they are from your friends
If your Facebook page has been compromised use this Facebook information to re-secure your account.
If your Twitter account has been hijacked see this Twitter information on how to re-secure your page.
Update: August 10 Facebook has a new email adress that people can use to report Facebook scams Email: firstname.lastname@example.org