6 Comments »
Just as we suspected, more scams have begun to arrive on Facebook. The latest have appeared via chat, where the scammer hacks into a friend’s account and initiates a chat conversation begging for money. The situation is always similar enough–they’re stranded in some foreign land and need money wired into their account so that they can get a return flight home.
While the channel for the scam is on the newer side, a little bit unsettling given its occurrence on Facebook, the scam’s motif is nothing new at all. And it’s Facebook’s response time that has many worried about the social network’s ability to readily handle the situation.
The Wall Street Journal reminds us of a settlement requirement Facebook agreed to after being investigated by New York State Attorney General, demanding that Facebook respond to certain user complaints within 24 hours. This is usually taken care of with an automated message within the first 24 hours, and according to Facebook, gives the company another few days to handle the situation and respond with a personalized and detailed message with follow-up information. But that doesn’t appear to be the case with the new IM scammers.
Given the over-abundance of information that has been given out to Internet users in the past two years regarding scams via email and other communications lines on the web, it seems that Facebook would recognize the scam’s ability to grow very quickly, especially on its readily accessed and non-archived chat tool. While it’s uncertain how the scammers are hacking into user accounts, this could also be a concern for Facebook as it looks to grow its Platform and Facebook Connect, both of which sometimes enable indirect login options for end users, though Facebook is diligent about protecting users from this standpoint.
So what will Facebook do, and is there anything it can do to improve security measures? Going back to the WSJ article, Mark Neely, a Sydney-based management consultant is referenced as someone who was targeted by a scammer. When complaining to Facebook, he only received a response after going public with his complaint and having his letter forwarded directly to a Facebook employee. Not all users have the wherewithal, the time or the resources in order to do this–and if they all could then Facebook would really have a problem on its hands. But the lack of Facebook response is becoming a tiresome trend. Heather Farley faced this trend when she solicited an explicit response from Facebook regarding the removal of her breast-feeding photos. After receiving now, Farley went public and started a protest that spread across the globe in a matter of days.
Could Facebook squelch some major bad press by merely responding to user requests in a more timely manner? I’m sure it’s difficult to go through all the letters from users, regarding username changes, privacy questions, and impending chat scams that will likely get out of hand very soon. And since this particular chat scam isn’t the only one to plague the social network in recent weeks, it may just look like another issue to throw on the back burner for now. But I think its presence in an IM chat window makes this particular scam slightly more threatening, given the fact that Facebook doesn’t automatically save conversations and an IM chat seems particularly more personal than a random email or private Facebook message.
On the upside, it’s equally as easy to recognize a scammer via chat if their English is particularly bad, and the immediacy of its two-way conversation proves a good way to call out a scammer by requesting mutually known information that only you and the real friend behind that profile would know. So until Facebook finds a way to let its users know about the potential for a chat scam, and subsequently finds a way to diffuse the situation from a user safety stand point, be wary of Facebook friends that are stranded and asking for money. If you have any doubts as to your friend’s genuine predicament, give your friend a call and see if they’re OK. Because that’s what real friends do.
One of my friends was just victimized by this scam. This person is bright, highly educated and works in the IT industry.
The scam is not that easy to detect as the scammer (in this case) was able to sustain the IM conversation in good English and using correct personal information. The issue is that most of the information you need is in the hijacked account! The scammer went so far as to call my friend (US area code, probably from VOIP) and leave a VM message pretending to be a colleague of the person with the hijacked profile. No foreign accent and more relevant information on the VM message (again making it hard to detect).
Clearly the Identity information we deposit on Facebook is becoming more and more valuable and hackers will turn their attention to it as it becomes harder to directly hijack online banking accounts.
A quick note that besides my friend, at least one more person seem to have fallen for the “distressed friend scam” on Facebook. And some coincidences there indicate maybe it is the same group behind it. Check it out: http://blogs.verisign.com/identity/2009/02/broken_trust_ii_another_victim.php
i have been attacked by this very type of scam today. it is nearly impossible to get anyone at facebook to reply, and took me over an hour to figure out what to do. a scam contact hotline streamlined to stop these administratively asap would be a welcome response from facebook. as a result of the episode several of my friends have removed their accounts. this is distressing news.
I got one today.CLASSIC SCAM bad English ,couldn’t answer “What’s your mother’s name?” needed $ transferred to western union ASAP in the UK.Beware!
this happened me today. someone hacked my former supervisors account and started talking to me about how she was mugged at gunpoint in london last night…
facebook has a form to fill out if this has happened to you. just takes a minute to fill out.
Monday I fell for this scam. The scammer had very good spelling and grammar and had hacked into my friend’s yahoo account also. I was unable to reach the real person on his phone (during work hours). I sent a small amount; when I was finally able to get a hold of our mutual friend at work, she and I were able to figure out what was going on. This person was very convincing with all the “You’re such a good friend.” “we love you” etc… family info. Better researched than most, from the chat text I’ve read. When the scammer realized I wasnt going to send anymore money, he/she became pushy, very unlike a friend “get down to western union and get the money sent. We are in trouble!” They tried one more attempt and then quit e-mailing.