Facebook users have been targeted by fraudsters.
IT security and control firm Sophos is warning Facebook users to
be wary of messages sent by friends requesting personal information
or money. The warning follows the discovery that cybercriminals are
masquerading as Facebook friends in order to trick unwary users
into parting with valuable sensitive and financial information.
According to reports, Google
Australia employee, Karina Wells, received a Facebook message from
a cyber crook pretending to be her friend Adrian saying he was
stranded in Lagos, Nigeria and in need of USD 500 for a ticket
home. Wells was not immediately suspicious and only became so when
her 'friend' started to use American phrases like 'cell phone'
instead of 'mobile phone'. At this point, she contacted the
authorities to make them aware of the attempted fraud.
Sophos notes that given the Facebook trend for amassing as many
friends as possible, these sorts of scams may not be instantly
recognisable as fraud as with dozens, or even hundreds of friends,
it's impossible for members to keep track of where they all are.
"Many Facebook users don't even know how many friends they have
on the site, let alone what they are all doing and where they are,
and this is providing the scammers with a new vector of attack"
said Graham
Cluley, senior technology consultant at Sophos. "Unfortunately
this is just the latest skirmish in an ongoing battle taking place
between Facebook users and cybercriminals intent on exploiting the
site and its members for their own financial gain. To guard
against all these threats, it's essential to be cautious in your
online activities. Don't reveal all your personal details online
and be wary of messages with unusual demands - just because they
come from a 'friend' doesn't make them legitimate."
Sophos experts note that emails from social networking sites are
much more likely to get into computer users' inboxes in the first
place as they don't have the obvious signs that botnet spam does
(such as known-bad sender IP address, known-bad headers, or
known-bad email construction). This means many spam filters will
fail to stop these messages from reaching their intended victims'
mailboxes.
"Unless people take more care when securing their computers and
personal data, there's no doubt that we'll see more electronic
conmen using stolen Facebook identities to steal money from the
innocent by posing as their online buddies," continued Cluley.
Sophos recommends companies protect themselves with a consolidated solution which can control network access
and defend against the threats of spam, hackers, spyware and
viruses.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.