March 28th, 2012

 Scam Focused on Facebook Users


By the AllClear ID Team

Tamara here from the AllClear ID investigation team. Facebook users are being duped into divulging personal information by filling out a form to supposedly prevent their Facebook account from being disabled. The information they’re being asked ranged from their email address and Facebook password to the first six digits of their credit card number and type of card. Scammers then use that personal information to assume the victim’s Facebook profile and email. In doing so the thief can not only spread the scam, but can also obtain other personal and financial information to commit identity theft.

How it works: Facebook users receive a phishing email stating their Facebook account has been reported for policy violations, specifically that they are annoying or insulting other Facebook users. If they do not confirm the account within 24 hours, their account will be disabled.

“Spammers and scammers sometimes create phony emails that look like they’re from Facebook,” as written on the Facebook Security home page. “These emails can be very convincing. Even the ‘From:’ field can be spoofed to include ‘Facebook’ or ‘The Facebook Team.’”

These emails might include:

  • Notifications about friend requests, messages, events, photos, and videos
  • False accusations that you are abusing the site
  • Warnings that something will happen to your account if you don’t update it or take another immediate action

One way to check if an email is actually from Facebook is to look for a link at the bottom of the message directing you to unsubscribe or edit your Facebook email notification settings. To test this link:

  1. Right-click the link and copy the URL
  2. Paste it into your browser
  3. Make sure it starts with “www.facebook.com”

Note that this link isn’t included in all correspondence from Facebook. For example, if you contact Facebook about an issue, the email response you receive won’t include an unsubscribe link. If an email looks strange don’t click any of the links in it or open any attachments.

An important note: Facebook will never send you a password as an attachment.

Also, check Facebook’s Community Standards to see what is considered truly bad enough to get your profile taken off the website.

Views expressed are the personal views of the author, and do not represent the views of the National Foundation for Credit Counseling, its employees, its members, or its clients.


By dkessler in Identity theft prevention  .::.
(Add your comment)



You can follow any responses to this entry through the RSS 2.0 feed. Responses are currently closed, but you can trackback from your own site.

Comments are closed.

Pages

Categories

Recent Entries

Archives

Links


Syndicate