Next time you’re about to accept a friend request on Facebook from someone you think you know, STOP. Even if they appear to be genuine and have 16 mutual friends with you, all might not be as it seems.
It’s very easy for a cyber-criminal to view your friend’s list, and choose somebody to impersonate. They then create a fake profile, copy that person’s pictures, and go about adding your other friends.
When they have enough mutual friends with you in order to appear genuine, they’ll attempt to add you. Unaware of the danger, you accept.
This complete stranger is now able to view the very personal information and pictures, and they can even start a conversation with you over Facebook to delve for more personal information, ask for money, try to meet up with you in person, and gather the information that can wreak havoc in your personal life.
There have been cases where ‘cloned accounts’ such as these, controlled by scammers, send messages to friends, asking for money or saying they have won the lottery and require an “advance fee” before transferring some of their new riches to their ‘friends and family.
What you can do
Edit your privacy settings and change everything to the highest security so that people who are not your friends cannot see any information about you – no pictures, no personal information, and no friends list.
Many people don’t hide their friend’s lists to strangers. Doing so would make these attacks much less effective.
- Change your privacy settings to show the least information possible to non-friends, including the list of who you’re friends with.
- Be careful who you accept as friends.
- Ask yourself “am I already friends with this person?”
- Use friend lists with your settings to ensure that only people you really know can see your more personal content.
This is not the only way Facebook has been used by cybercriminals.
Due to the high number of users, it’s a very attractive place for cyber-criminals to try to snare some targets.
One attack resulted in users receiving a message from a Facebook friend saying they’d mentioned them in a comment. Clicking the message downloaded a Trojan onto the user’s PC that installed a malicious browser extension (as well as containing other things) which would take over the user’s Facebook account when they next logged in. This spread the virus to other friends and allowed hackers access to any information contained in the user’s Facebook account.
Facebook is a popular place to run a competition or prize draw, but be extremely wary! Treat these with extreme caution. If you’ve never heard of the page before and it’s not a well-known, trusted brand or organization (think Microsoft or BBC), then it’s usually safer not to bother entering.
These pages are often run by scammers who are trying to gain lots of likes, so they can push click-baity articles into your newsfeed that will take you to malicious websites when you click through. This can easily end up with malware being installed on your PC.
This malware can lead to further problems, that range from annoying – like pop-up ads – to serious, like your emails being monitored, sensitive information being stolen, or your PC being added to a botnet and controlled remotely.
Stay safe on Facebook! If you have any more tips, comment down below.
