
Facebook Scam (aka Social Phishing)

A couple of months back I posted on a scam that had surfaced in Mexico where fraudsters managed to get hold of people's email username and password, access the account and email the whole address book asking for money to be sent to a bank account to help them raise bail as they were in jail.

Obviously the overwhelming majority of people would not expect anyone they knew to wind up in jail and ignored the email.

Well, this new one in Australia takes the same principles and applies them to Facebook, but is a little more feasible.

This time, the individual masquerading as your Facebook contact "needs $500 for a plane ticket".

If phishing in its more traditional form has proved anything, it is that there is always someone who will fall for it.

This "Social Phishing", i.e. taking over an email or social networking account and preying on the trusted relationships the account holder has, is much more targeted (i.e. not millions of emails aimed scattergun, but a smaller number preying on friends' trusted relationships), but I would guess is much more likely to succeed.

Another example of passwords just not being enough anymore...


Comments

Emails offered by free web-based services can be cracked using social engineering tactics. Email holders should not reveal their true birthdays and locations in emails or use hard-to-guess authentication password requirement. Vulnerability comes when people use the same password for their emails and social network accounts.
