Phishing is a Top Cyber Crime on Facebook

Security & Privacy, Internet
Phishing is a Top Cyber Crime on Facebook
Page content

What is Phishing?

The definition of phishing involves the surreptitious attempt to receive sensitive information, money or goods from an Internet user. Usually done by emails, cyber crime on Facebook – phishing in particular – takes place through status posting alerts, wall notices or chat messages. In some cases these postings even take place within Facebook applications.

Types of Cyber Crime on Facebook

Phishing between 10/04 and 06/05 by ZeWrestle/Wikimedia Commons (public domain)

Quite possibly the most well known cyber crime on Facebook involves the scam that has the thief send messages to a Facebook user’s friends, alleging that the person got stranded and needs urgent transfers of emergency cash to return home. This scam works especially well if the Facebook user in question is a gamer and has a large network of ‘friends’ who only known him in passing.

Not surprisingly, out of the average gamer’s network – exceeding 1,000 to 2,000 ‘friends’ – there are always some that are more than willing to part with a couple of dollars to help their gaming buddy. Needless to say, the Facebook user never actually sees any of the money and is usually mortified to find out that he was the subject of an online hoax. Other Facebook cyber crimes involve the impersonation of a celebrity, the threat of malware – the recent Koobface virus warnings come to mind – and also phishing scams that seek to ferret out users’ private info.

Cyber Crime Issues: Are You Making It Too Easy for the Crooks?

The ever-changing face of the social networking site’s privacy settings adds confusion to the process and makes cyber crime easier than ever to perpetrate. As a general rule of thumb, follow the three rules of Facebook safety:

  1. Protect your personal profile from data miners. Hide your birth date, address, phone number, email address and maiden name. This is especially crucial for gamers who friend large numbers of people for the sake of online play. Since it is impossible to know all of these individuals, assume that one of them might also be in business of finding out as much about other online gamers as he can; hide all the information from everyone and only divulge it on a need-to-know basis.
  2. Beware the status update temptation. It is tempting to broadcast to the world that you are on your way to sunny Southern California or will be taking that long-deserved weekend away with your honey; of course, this also signals to the crooks the one place where you are unlikely to be during that time: at home. If your profile still displays your address, the crooks now know where they may go and burgle with impunity.
  3. Status update phishing posts urge Facebook users to provide specific information. It is interesting to note that some viral movements seem to sweep Facebook every so often. In a recent example, they urged the (female) site users to post their bra colors in an effort to call awareness to breast cancer. Nobody really knew how the movement started. Although largely in good fun, other cyber crime cases show that these posting requests are far more insidious. Take for example the latest request for everyone to just put their year of birth into the status. Since many FB users do not display their full birth date but only a day and month, this information completes the data required for successful phishing operations. Other requests include posting a mother’s maiden name (a typical password suggestion for bank accounts) or the name of a favorite teacher (another password hint).

Avoid becoming a victim of cyber crime on Facebook simply by following this three-step approach to care and caution.