Facebook, the social networking site, has a feature that suggests you add people based upon a formula that looks for common networks of friends. If someone shares a few friends with you, Facebook will "suggest" you add them as a friend. For the last several months, since Bryan Rutberg of Seattle joined Facebook, the system has been asking me to "friend" him. I knew him slightly from high school where we were in student government together. And although Bryan is a terrific guy to be sure, as it turns out I'm glad I held off requesting his virtual friendship until now.
Bryan is a nice person who had a terrible thing happen to him. His Facebook account was hacked by a criminal who then began posing as Bryan in an effort to convince his friends to send money. Apparently, this phenomenon has been quietly growing in frequency since last fall. But it wasn't until Bryan's experience that the media took note. Here's what happened next, after the account was compromised.
The hacker quickly changed the account's email address so that they controlled all the communication threading in and out of the account. And then the hacker posted a new status message that read: Bryan NEEDS HELP URGENTLY!!! The updated status message then appeared in all the Facebook accounts of Bryan's friends, more than 100 people. The hacker began telling Bryan's friends that he was stuck in London after being robbed and needed to get cash sent to help him get home.
One of those who responded to the urgent message was a business friend of Bryan's, someone who in Bryan's own words is "a friend I might meet for coffee or lunch four times a year." This particular friend began a conversation with the hacker that ultimately led to his being tricked into sending money via Western Union to the hacker or the hacker's associates in London, England.
While Bryan was unaware his work colleague was being ripped off in the name of helping him out, he was by now aware his Facebook account was in trouble. He couldn't log in but via his wife's profile, they could see the hacker's posts and comments from other concerned friends. She contacted the hacker to ask them to stop and was immediately "defriended". Bryan contacted Facebook to get some help but received no reply. Hours of worry ticked by as Bryan and his wife schemed how to alert their friends not to fall for the criminal's pleas for money. Ultimately, they were able to recover the account via assistance from a friend of a friend who works at Facebook.
After Bryan and I spoke yesterday, I reviewed the various news reports on his case. If you do the same, you will see evidence in the comments area that this scam is not unique, and that there are victims of similar Facebook hacks in countries around the world. What I found useful in reading about these scams and their mostly unsuccessful efforts were the chat sessions some Facebook users have posted. These reveal some useful techniques for foiling any future phishing efforts you might experience should this cybercrime method continue.
Be suspicious - if a friend were really in trouble, they would not contact you via Facebook, would they? Push for details about their situation and what they've already tried to do. If they quickly become defensive or question your "true friendship," you are probably being scammed.
Question how they know you - often they will use the information in your profile (employment history, schooling, spouse and children's names) so you'll have to press for more details. If you worked together, where was the office located? Who was your boss? Where was the Christmas party held?
Question their relationship to you - if you are really close, you should know something about each other that is not in Facebook, such as a shared experience or a recent conversation. One potential victim asked how the "friend's" fiancée was and if she was with him. The crook responded "yes", confirming the potential victim's belief that it was fraud. His real Facebook buddy is actually gay and single.
Be defensive - if you believe your account has been hacked, make sure you take action before confronting the hacker or otherwise alerting them, because they will quickly "defriend" anyone suspicious so they don't post comments on the hacked account's wall. Use a friend's account to take screenshots of all your Facebook friends in your list. That way, you can message all of your friends first to alert them to the scam. You can post a warning on their Facebook wall. You can send a message to anyone from any Facebook account, even a new temporary one to use while you work to regain your original account.
Protect your Facebook account now - use a complex password, unlike that used on other accounts. Often people get hacked elsewhere but they've tied their online life into one little bundle when they use the same password everywhere. Register more than one email address to the account. Set the account to notify your cell phone of messages.
Report it to Facebook - despite Bryan's negative experience, Facebook does have a process to assist users in these circumstances. Here's that web address.
I would recommend taking a look at their form today, since the information you are to provide during an attack might be difficult to remember or recover: for example, the URL of your profile or the networks you are in.
As Bryan said yesterday morning in his chat with me, he is still using Facebook and enjoys it. He joined the network only a few months ago as a way to keep tabs on his teenaged daughter's online activities. Family and friends were posting new baby photos in the social network so he quickly began adding friends to keep up with their lives as well. He enjoys the opportunity to reconnect with long lost or distant friends, acquaintances from college and high school days. He's hopeful that the media swarm around his recent experience will benefit everyone who otherwise views the social networking phenomenon without due caution. He's still not sure how his account was compromised, whether he clicked the wrong link in a Facebook alert or perhaps the password which he used on many accounts was compromised elsewhere and then reused by the hacker on Facebook.