Identity Theft on Facebook

March 2011

Introduction

Internet privacy advocates agree: Facebook is a hotbed for identity theft. Not only are many of the “secret questions” for financial accounts like birth date, city, and zip code publicly displayed to all who view your page, there is also a much higher incidence rate for scammers and phishers when a “friend” – almost always a scammer who has compromised a Facebook account – sends you a fraudulent link to click or asks for money to be wired overseas. Protect your privacy by ensuring that you are following these important social networking privacy tips.

Statistics

In a Psychology study conducted at Indiana University, 16% of students became victims of a controlled phishing scam, but a whopping 72% were victims when they believed it was their friend who sent them the fraudulent link. In most cases, we trust the faces and text of people we know without ever confirming that they are the true originator of the message.

Protecting Personal Information on Facebook

Protect against identity theft on Facebook by carefully setting appropriate Facebook Privacy Settings on your account. By clicking on Account, Privacy Settings, and then selecting “Friends Only,” you can ensure your profile information is visible only to the people you allow to view it.
But remember, these privacy settings only work if you know everyone who you approve to be your friend! It is vital that you do not accept random friend requests from users you do not know, as they are often spammers, scammers, or identity thieves.

The “London” Scam

Due to the innate trust of users on social networking, scammers have started stealing Facebook account passwords in order to perpetrate a con known as the London Scam. In such a scam, many users will get a private message from their friend’s Facebook account with a message like “My luggage was lost, and I’m stuck in London. Would you be willing to wire me $900 for a plane ticket home?” This type of predatory con game preys on the trust of Facebook and the ease of impersonating someone else.

Related Legislation

Privacy on social networking sites has become lax, and numerous individuals have already had their identity stolen due to poor management of their Facebook account. Social networking identity theft has become so prevalent that California recently passed new legislation making it a crime to falsely impersonate another user over the Internet. The penalties for being convicted of impersonating a user are up to $1,000 and up to a year in jail.

References

  1. Elliott, Christopher. (2010, June 13). “In ‘phishing’ scams, purported acquaintances claim to be stranded abroad”. The Washington Post. Retrieved June 14, 2011.
  2. Zaller, Anthony. (2011, January 4). “New Law Makes It Illegal To Impersonate Others On Social Networking Sites”. California Employment Law Report. Retrieved June 14, 2011.
  3. Phishing Attacks Using Social Networks”. Phishing Research at IU. Retrieved June 14, 2011.