September 8, 2009 at 3:42 am #139547 inari Participant
Published in today's Age newspaper http://www.theage.com.au/technology/security/robbed-by-facebooks-enemy-in-the-camp-20090908-ff5q.html
Most of us use Facebook so be aware.
Robbed by Facebook’s enemy in the camp
September 8, 2009 – 12:28PM
Natasha Cann endured the Father’s Day from hell on Sunday when hackers broke into her Facebook account and proceeded to scam her closest friends out of significant amounts of money.
The 34-year-old professional who works for BHP Billiton in South Australia – and used to work in IT for the military – thought her account was locked down but the painful reality hit her on Sunday night when a friend phoned her from Singapore.
The friend had just received a Facebook message, purportedly from Cann, saying she had been seriously assaulted and robbed at gunpoint in London and urgently needed money to get home.
The message, which was sent to all of Cann’s 400 friends, asked for an initial amount of $10,000, which had to be wired in cash as soon as possible to a Western Union account.
“They were alleging that I only had my passport on me and that I couldn’t get to a bank or anything – that Western Union would be the only way,” a distraught Cann said in a phone interview.
Cann immediately contacted Facebook asking it to disable her account but Facebook only got around to doing it about 12 hours later, by which time one of Cann’s friends in Western Australia had already transferred $1000 to the scammers.
Cann tried publishing warning messages on her Facebook wall from her partner’s account before her account was disabled but these were quickly blocked by the scammers, who changed her password and the email address linked to her account.
She said she had received just 11 calls from friends about the matter and is worried about how many others had sent money to the scammers.
Furthermore, the scammers could now use the personal details gleaned from her friends’ pages to conduct targeted attacks on them.
Since Facebook is her main avenue for contact with a lot of her far-flung friends, she didn’t have email addresses or phone numbers that she could use to warn most of them.
“It’s horrendous in that it’s people I know and that I care for who could just be scammed out of a great deal of money – they’re preying on people’s good nature and good intent to make sure that I’m OK,” said Cann.
“The chap that rang from Singapore was about to jump on a plane to London and we have friends in Greece that were about to fly over as well.”
The scammers even contacted the friend who had given the $1000, saying the money wasn’t enough and that more was necessary.
Cann is frustrated that Facebook does not provide contact numbers for users to call in these situations and took so long to respond to her emails.
She believes Facebook should have contacted her friends quickly, telling them her account had been compromised and at the very least provided an online system for her to disable her account instantly using a secret question or other security measure.
Cann filed a report with South Australian Police yesterday but is not hopeful that they will be able to do anything to bring the overseas scammers to justice.
Sean Richmond, senior technology consultant at the security firm Sophos, said Cann’s story was “not terribly uncommon”.
He said Facebook was in a tricky position because introducing new security measures allowing people to disable their accounts instantly in the event of an attack could simply open up a new avenue for hackers.
But Richmond said that, unlike banks, who cover customers’ losses to credit-card fraud, Facebook does not suffer financial penalties when its users are defrauded.
“Facebook has not got a whole lot of incentive to do things super fast because they’re not the ones that are suffering,” he said.
Facebook would not comment on the specific issues and suggestions raised by Cann. Instead, it provided a generic statement pointing people to its security page and an email address for users to report abuse.