Lord Richard Allan, Facebook’s head of European public policy, has admitted that the threat of account hacking to scam users out of money has become a “major issue” for the social network.
Speaking to The Guardian newspaper, Allan said that Facebook is implementing new security measures, in an effort to curb the trend. These include asking extra security questions when the account is logged into from an unusual location, and notifying users by text or email if a new device is used to log into their account.
“It is unfortunate that some people use the Internet to maliciously target people either via scams or by compromising accounts on Facebook, over email or on fake websites,” said a Facebook spokesperson. “However, unlike other websites, or email, or even the phone, we provide our users with robust reporting tools to report any content they are unsure of and anything which violates our terms, will be removed quickly.”
Fraudsters who successfully manage to hack into the accounts of Facebook users often send messages and updates designed to dupe the user’s friends – via clickjacking or survey scams for example. However, in the case of high-profile figures, social networking scams can be a way to gather valuable information.
Last week, it was revealed by Ronald Noble, the Secretary General of Interpol, that Interpol’s Information Security Incident Response Team had discovered two fake Facebook profiles, posing as Noble himself.
“One of the impersonators was using this profile to obtain information on fugitives targeted during our recent Operation Infra Red,” he said. “This Operation was bringing investigators from 29 member countries at the Interpol General Secretariat to exchange information on international fugitives and lead to more than 130 arrests in 32 countries.
“Considering the anonymity of cyberspace, cybercrime may in fact be one of the most dangerous criminal threats ever,” he added. “A vital component in fighting transnational crime must therefore include the policing of information security and the provision of secure communication channels for police worldwide based on common standards.”
Meanwhile, many Facebook users last month fell prey to a rogue application for installing a “dislike” button, which tricked users into spreading messages via their status updates. The messages include the text: “I just got the Dislike button, so now I can dislike all of your dumb posts lol!!” or “Get the official DISLIKE button NOW!” followed by a link.
After following the link, the application asked users to complete an online survey, which made money for the scammers, before pointing them to a Firefox browser add-on for a Facebook “dislike” button developed by FaceMod.
“This bogus feature differs from recent scams as those behind it aren’t preying on users’ curiosity about shocking videos or celebrity scandals. This scam is actually posing as something that many Facebook users want,” said Graham Cluley, senior technology consultant at Sophos. “Facebook users should think carefully before they click on an unknown link in a friend’s status update as these scams are becoming increasingly common.”
Other scams of this kind include “Justin Bieber trying to flirt”, “Student attacked his teacher and nearly killed him”, “the biggest and scariest snake” and, most recently “OMG This GUY Went A Little To Far WITH His Revenge On His EX Girlfriend”.
Yesterday, analyst firm Gartner revealed that mobile users’ personal information, such as their location and what device they are using, will soon be used to validate the vast majority of mobile commerce transactions and to combat fraud.
By the end of 2013 location or profile information from mobile phones will be used to validate 90 percent of mobile transactions involving organisations such as banks and social networks, Gartner said.
However, Facebook’s own location feature, Facebook Places, has been a subject of concern for some privacy advocates, who warn that the ability to share their current location with friends on the social network could create new risks and new social pressures for users.
Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…
Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…
Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…
Welcome to Silicon In Focus Podcast: Tech in 2025! Join Steven Webb, UK Chief Technology…
European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…
San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…
View Comments
i was hacked for 4 millions chips on xmas day, this is getting a regular occurance with a lot of people, i was wondering if you and zynga poker can do anything about it, after 14 months of playing i'm now down to next to nothing, its only plastic money i know, but its very frustrating your views will be appreciated
Many thanks
There seems to be something strange going on with Zynga Poker. So much so that there is now a Facebook page dealing with similar problems to the one you are experiencing. One of the comments on the page suggests that some accounts may be being hacked or phished and that the best action is to create a new account and move any remaining chips across.
To Facebook customer support:
On February 12th at 4:08am central time (according to my login page on Facebook) my Facebook login password was changed by someone other than me. I received a mobile text earlier that morning while I was sleeping showing a password change confirmation code.
I didn’t see the text until I went to my computer Saturday morning around 10:30am and found that my password no longer worked.
I also received an e-mail saying that this password change request came from a computer that was not normally used to access my account. Isn’t this a red flag on your end that someone other than me was trying to get into my account? I don’t understand why you allowed the password to be changed.
I work very hard on my end to prevent hackers from taking over my account. I have been using a 20 character complex password that would be next to impossible to break. I don’t even type it in. I copy and paste it from a word document that is hidden in my documents on my computer.
And still for the 5th time now my account has been hacked.
I use Facebook to play Zynga poker. Since July of 2009 I have been playing and built my chip count up to 1.5 billion chips. This is what has made my account a target of hackers. They have hacked my account 5 times now. In the past 4 times I was able to restore my account and Zynga was kind enough to restore the chips.
But now since I am unable to get my account restored the chips are gone. And I am putting the blame on Facebook for allowing the hackers to reset my password, change my e-mail address associated with the account, remove my mobile phone number, and apparently change my security question.
Facebook states they are not responsible for stolen chips but I contend that it is Facebook’s fault that my account was hacked and therefore Facebook is at least partially responsible for the theft.
To elaborate further on this complaint, I would like to say that the Facebook and Zynga partnership has created an epidemic of hacking of Facebook accounts. How? Zynga games, Zynga Poker in my case sells poker chips to their players. The hackers find the players accounts who have won sizable amounts of Zynga Poker chips and hacks their accounts, then transfers the chips to theirs or someone else’s account who has paid them money for the chips.
Before I started playing Zynga poker I never had any issues with hacking of my account. And it wasn’t until around October of last year when my Zynga poker chip count got in the 800 million range that the hacking started. And none of the security precautions that Facebook or Zynga tell you to use has been able to stop the hackers.
I contend that since Facebook has partnered up with Zynga games and Zynga games has attached a monetary value to the chips within the game that they are responsible for making their users targets of hackers. And by not putting in place adequate security layers to stop them, users such as myself are having their investments to buy into the game stolen. And Facebook takes no responsibility for this. They certainly are taking a percentage of the millions of dollars that Zynga Games generate. If Zynga wants to sell items within their games and Facebook is the gateway to get to Zynga games then Facebook and Zynga need to do something to better protect their users and quit turning a blind eye to problem.
It makes it look like they don’t want the hacking stopped. When players get hacked, they must spend more money to get back into the game at any reasonable level. Its sounds like a great way to keep the revenue coming in.