Skip to main content
  1. Home
  2. Social Media
  3. News

Facebook identity fraud is up and you need to be careful

By
if youre not careful you could be the next victim of identity fraud on facebook idfraud

Social media juggernaut Facebook is the primary online fixture for a lot of folks (1.15 billion monthly active users as of June 2013, to be exact) – this is probably why it’s constantly under attack or serious scrutiny. The social network is not only plagued by lawsuits, viruses, catfishers, money lenders, and the government’s watchful eye… with the amount of people freely offering all sorts of pertinent details about their personal lives on Facebook, a rise in identity fraud on the site is bound to happen.

A report from The Japan News details many scenarios wherein Facebook users are duped into surrendering personal information through fake posts that solicit likes, votes, or link clicks. Messages have been found to lead to a page that asks users for contact details (like a phone number), and since these links are believed to be sent by a “friend,” they think nothing of it and acquiesce, ending up the unwitting victims of identity theft.

Recommended Videos

These fraudsters and hackers are known to take advantage of the relationships people build on Facebook, banking on the fact that most users mindlessly peruse their News Feed out of habit. Sometimes, scammers even take great lengths at fooling users by venturing out of Facebook and reaching out to targets via other methods. Greg Boyle, senior global product marketing manager for antiviral software company Trend Micro, recently wrote about his experience: He had received an email notification claiming a person (who was not on his Facebook friends list) tagged him in photos. At first glace, the email looked legitimate and similar to one that’s generated by Facebook when you have email notifications set up in your settings, but upon further investigation, Boyle found that the email he received was fraudulent and was actually an attempt at a Blackhole Exploit Kit (BHEK) spam run: Links in the email redirect the user to a different page, causing malware to be automatically downloaded into their system. “Evidence of past BHEK runs show they generally use financial institutions, e-commerce and global events as lures that get users to click on links and secretly install malware that steals banking credentials and personal information etc.,” Boyle wrote.

Related

If you’ve seen the movie Catch Me If You Can, then you know it’s based on a true story about the person Leonardo DiCaprio portrays in it – conman turned FBI security expert Frank Abagnale. Earlier this year, Abagnale made an appearance at the Advertising Week Europe conference in London and spoke to The Guardian about the dangers of identity theft on Facebook.

“If you tell me your date of birth and where you’re born [on Facebook] I’m 98 percent [of the way] to stealing your identity,” Abagnale warned. “Never state your date of birth and where you were born [on personal profiles], otherwise you are saying ‘come and steal my identity’.” Additionally, he recommends never using a passport-style photo as your Facebook profile picture – group photos are deemed much safer – and refrain from making comments that reveal too much. “What [people] say on a Facebook page stays with them,” he said. “Every time you say you ‘like’ or ‘don’t like’ you are telling someone [things like] your sexual orientation, ethnic background, voting record.”

Abagnale also commented about U.K. privacy laws, which he has “tremendous amount of respect for” and believes to be more advanced compared to the laws in place in the U.S. This may be true, but it doesn’t stop the U.K. from experiencing its own troubles with identity fraud, which is still on the constant rise – 82 percent of all cases happen on the Web. Similarly, out of 700 U.S. teens surveyed, 75 percent have been found to be careless with their personal information, making themselves susceptible to online crime.

Be vigilant, keep your Facebook account safe

Should a user be locked out of his or her Facebook account, the social network has an advisory available on what could be done to confirm identity and recover access. Additionally, under Facebook’s Security settings, users have an option to add Trusted Contacts, or three “friends that can securely help you if you ever have trouble accessing your account”; these contacts will receive security codes which they need to send to the user, and if all codes are accurate, the user can confirm their identity and reset their password. While this may be a suitable fail-safe for some, any experienced hacker or fraudster may be able to easily pretend to be you and make contact with your trusted friends. We’ve reached out to Facebook and asked if this is possible and will update this story once we hear back.

In the end, the only person responsible for your information security is you. In the same way technology advances, so do the security issues that go with them. Apart from choosing a hard-to-crack password (which rules out birthdays, middle names, pet names, and the word “password”), there are other things you can do with your Facebook account settings to make it increasingly harder for identity stealers to target you.

Review your Privacy settings. Restrict your profile to Friends Only. Where it says “Who can see my stuff,” choose anything EXCEPT Public. Click on “Limit Past Posts” to change the setting of your old posts to Friends Only. This is important if you’re not sure if any of your old posts (which may contain personal information that can be used to steal your identity) were ever set to Public.

facebook privacy settings

While you’re there, set “Who can contact me” and “Who can look me up” to Friends or Friends of Friends to limit the number of people who can find you using your email or phone number.

Check out your Security settings. Click on Secure Browsing and enable the option. Also enable Login Notifications so you can be told through email or text message whenever a new computer or mobile device is used to log into your Facebook account. Click on Login Approvals and check the option that requires a security code before giving account access on unknown Web browsers – this will pull up a step-by-step on how to set it up on your mobile phone (Note: For this to work, you need to have the official Facebook app installed on your phone).

facebook security settings

As an added precaution, make a habit out of checking Active sessions. If you see any activity that wasn’t initiated by you, click End Activity.

facebook security settings - active sessions

Editors’ Recommendations

Topics
Jam Kotenko
Jam Kotenko
Former Digital Trends Contributor
When she's not busy watching movies and TV shows or traveling to new places, Jam is probably on Facebook. Or Twitter. Or…
What’ll happen to your WhatsApp account if you don’t agree to new privacy policy
WhatsApp

WhatsApp recently announced it would be changing its privacy policy, in a move that has many users worried about how much of their data will be shared with WhatsApp's parent company, Facebook. Now, the service has revealed what will happen to the accounts of users who don't agree to the new policy by the May 15 deadline.

TechCrunch contacted WhatsApp for more details on what would happen to users' accounts if they didn't agree to the new privacy policy. It reports that WhatsApp will "slowly ask" its users to agree to the new privacy changes, warning that they need to do so to continue having full access to the app's features. Users who decline to accept the new policy will be able to continue using the app for a few weeks, but only in a limited way. “For a short time, these users will be able to receive calls and notifications, but will not be able to read or send messages from the app,” the company told TechCrunch.

Read more
TikTok boss calls out Facebook, Instagram to team up against Trump ban
Tik Tok app

A top TikTok executive is telling Facebook and Instagram to put their money where their mouth is.

TikTok interim global chief Vanessa Pappas called out the social media powerhouses after the Trump administration announced that TikTok would be banned from being downloaded from U.S. app stores starting Sunday.

Read more
Targeted Facebook ads are about to lose a big audience: iPhone owners
facebook hacked

The face of Facebook advertising is about to change. With Apple’s rollout of iOS14 in September, Facebook issued a short statement to advertisers letting them know that their formerly hypertargeted ads, as facilitated by the Facebook Audience Network platform, might not work anymore. As first reported by Axios, this will likely have a huge impact on the advertising industry, of which Facebook plays a huge part in the U.S. But while this may be bad for the advertisers and for Facebook, this could be a win for users’ privacy

The next update of the iPhone software will feature a new function wherein users have to opt in to being tracked by advertisers. This will require apps to ask iPhone users’ permission to collect and share their data. This puts advertisers who rely heavily on Facebook’s platform in a pickle, as Facebook’s ads are notorious for being extremely specific to the user.
Accomplishing what the boycott couldn’t
July 31 saw the end of a massive, much-ballyhooed advertising boycott — with more than 1,000 brands participating — that was supposed to bring Facebook to its financial knees in the name of social justice. Instead, the boycott barely dented the platform’s revenue.

Read more