Posts Tagged ‘Facebook’

Newer Entries »

Legislator fights identity fraud on Facebook

Wednesday, February 16th, 2011

Lawmakers in Connecticut are going toe-to-toe with Facebook on how it detects and disables fraudulent accounts as part of a probe into claims that one of the state’s legislators was the victim of identity theft on the social media site.

Rep. Kim Rose said someone created a Facebook page using her name and photograph without her permission, and then requested money from her “friends.” Rose said she tried dozens of times to report the fraud to the company.

Connecticut Attorney General George Jepsen said he wrote a letter to the Palo Alto, Calif.-based company, asking how many complaints it has received in the past 18 months about fraudulent or “hacked” accounts, how it respond and what safeguards are in place to detect or disable fake or hacked Facebook accounts. The letter requested that a Facebook representative respond by Feb. 22.

Rose said someone created a page using her name and began “friending” her Facebook friends. The person who created the page told her friends that she included them in a poverty grant and if they sent in $650, it would cover the taxes. One of Rose’s friends fell for the scam.

The legislator said the only way she found to contact Facebook about the fraudulent page and report it was to go to the page itself and post a comment. She is investigating how to make Facebook accountable after the failure to respond to her complaints.

Simon Axten, a Facebook spokesman, said the company takes security seriously and works to protect people from scams. This includes developing technical systems to flag and block suspicious behavior, including the creation of phony accounts. Axten also said the company works to educate people on how to protect themselves, using the Facebook security page.

Tags: , , ,
Posted in Social Media and Identity Theft | No Comments »

Hackers now selling kit to create FB malware

Wednesday, February 9th, 2011

Malicious hackers have expanded their “enterprise” and are now offering a $25 toolkit to anyone interested in creating and distributing dangerous Facebook applications.

The toolkit offers a template for spreading malware, directing users to click-fraud accounts and for pushing Facebook users to bogus surveys to hijack personal information.

The fact that criminals are now selling this toolkit is just more confirmation that social networks are “the” place for cyber-criminals seeking to hijack personal data for use in identity theft attacks.

The ease of use of the toolkit is the most frightening aspect. The buyer doesn’t have to have development experience with Facebook, he just needs to follow the kit’s instructions and he’ll wind up with a working viral Facebook application.

The toolkit, called Tinie App, has been linked to the “Profile Creeper” and “Creeper Tracker” applications that appear on Facebook.

“This phenomenon of template Facebook applications like Tinie App shows how the spamming culture is consolidating more and more around Facebook, adapting to the platform and increasing what we call Web spam,” one expert said.

How can consumers protect themselves? First of all, if you are a Facebook user, don’t use the “creeper” applications. In fact, you’d be much better off not using any of the applications on Facebook. In doing so, you give the application – and whoever is behind it – full access to all of your personal information.

Second of all, check your credit report to be sure there are no questionable or fraudulent entries. You should also keep a close eye on your bank and credit card statements.

And last, consider signing up for a proactive identity theft protection service. The only proactive service in the industry currently is LifeLock. LifeLock will not only monitor your credit, but it will also conduct surveillance on the Internet, checking for any threats to your personal information. If any threats are found, you’ll be notified immediately, before the damage can be done.

Call LifeLock today. Receive 30 days free and get a 10 percent discount on enrollment with the LifeLock Promo Code “Defense.”

Tags: , , , ,
Posted in identity theft protection | No Comments »

FB now offers ‘military-grade’ encryption

Wednesday, February 2nd, 2011

The most common concern expressed by Facebook users has to do with security – Facebook users everywhere ask the same question: Is my Facebook profile and the information it contains safe?

In recent months, a new application called Firesheep – an add-on for the browser Firefox that provides an easy way for non-hackers to access others’ login information – was released. Firesheep works on a basic principle. Each time you log in, you provide your user name and password, which creates a “cookie.” That cookie can be sidejacked* and used to access your accounts.

If you are on a secured network, you can protect yourself. But if you’re using unsecured Wi-Fi, then your cookies may as well be on a plate and handed over to an identity thief, along with some milk to wash them down.

Once Firesheep is installed, it presents the users who are logged in using an unsecured Wi-Fi network and shows the sites they are visiting. It also reveals the users’ name and image, and with only one click, anyone can log in as that user, and gain access to all of their information.

Facebook has responded to the concerns about Firesheep voiced by its users, and has added a means to keep their web connection secure while connected to their accounts. The ability to add this encryption in Facebook was added this week.

To enable the encryption in your Facebook account, click on “Account,” then “Account Settings.” Scroll down to “Account Security,” and click “Change.” Look for “Secure Browsing https,” and click on the box to enable it.

Https protection has not yet been launched to all Facebook users, but is instead being rolled out slowly in the next few weeks, according to Facebook executives. If you don’t see the option yet, keep an eye out for it, and enable it as soon as possible.

It should be noted, however, that this encryption will not stop scams and the “koobFace” virus. There are still those who try to manipulate Facebook users to see videos, stories or images by clicking on a link, which will put that user’s account at risk. Be sure to verify the source of any links you receive before you click, and don’t click on links contained in unsolicited e-mails.

*Sidejacking is a term used to describe the malicious act of hijacking a victim’s user name and password, most often on social networking sites.

Tags: , , , ,
Posted in Data breach | No Comments »

Don’t get too comfy with social media sites

Wednesday, June 23rd, 2010

Picture this: A tree-lined street filled with family homes surrounded by white picket fences and manicured lawns. Susan Johnson wakes up one morning in one of those homes, prepares breakfast for her family, sees her husband and kids off, and prepares to tackle the day.

But after waving goodbye to her family, she finds a letter in the mailbox addressed to her. It’s from a cell phone company welcoming her to a new contract, and it contains paperwork explaining the details of her new phone and the attached services.

There’s just one problem: Susan hasn’t signed up for a new cell phone. Susan has just become the victim of identity theft.

After several calls to the cell phone service provider, Susan convinces them that she has been victimized and they cancel the cell phone. Had she waited, her identity would no doubt have been exploited over and over again.

Susan didn’t understand why or how her identity was stolen.

“I’ve always been very careful about protecting my sensitive personal information,” she said. “I shred anything that might be of use to anyone, including correspondence and old bank statements.”

But Susan made one mistake. She signed up for a Facebook account, and in the process, she filled her online profile with as much detail as possible, including her e-mail address, home address, phone numbers and her date of birth.

All a modern-day criminal needs to steal the identities of people like Susan are a computer and an Internet connection. In Susan’s case, the crook just hacked in and found everything he needed, all in one convenient package.

When using social media sites like Facebook, MySpace or Twitter, it’s important to lock down your security settings. Make sure you have your information tightly secured. And don’t enter every single detail; a criminal would just love for you to provide that information. You should also make sure to control what information will be provided to search engines.

By taking a cautious approach to your online activities as a whole, you can avoid Susan’s fate.

“I thought I was joining something self-contained (Facebook),” she said. “I thought it would be something that only my ‘friends’ would have access to. Boy was I wrong.”

Tags: , ,
Posted in Identity Theft, Uncategorized | No Comments »

Newer Entries »