BBB: New Wave of Phishing Scams Uses Facebook Info for Personalized Spam

BBB: New Wave of Phishing Scams Uses Facebook Info for Personalized Spam

January 28, 2013 Updated Jan 28, 2013 at 1:31 PM EST

(BBB news release) Attention social network users, check your privacy settings.

According to a story posted to the BBB Newsroom:

Scammers are tapping into the personal data available through Facebook, Google+ and LinkedIn to pose as your friends in fraudulent emails. Watch out for these personalized scam messages and take steps to prevent them.

How the Scam Works:

You receive an email that appears to be sent by a friend or family member. The message addresses you by name, but the content is strange. Usually, it's just a link to a website. If you click on it, you could end up downloading malware to your computer.

What's going on here? The scammers are exploiting the fact that you're more likely to click on a link if it was sent by a friend.

Scammers find your information through Facebook or other social media accounts. Some set up fake accounts and send out friend requests. When you accept the request, they can view your friends and personal and contact information. Other scammers rely on social media users not locking down their privacy settings, so basic information, such as your name, email address and friends' names, is publicly available.
 

How to Protect Your Facebook Account from Spammers?  

* Review your security settings. Check out Facebook's information on setting your privacy settings to be sure you aren't sharing personal information with strangers. Look here for information on what can be found publicly in search engines.
* Don't accept Facebook friend requests from unknown people. 
*Report scam profiles and other suspicious activity to Facebook by following these instructions.
*Consider enabling login notifications, so you will know when someone uses a new device to access your account.
*When accessing Facebook from public wi-fi in places like hotels and airports, text "otp" to 32665 to receive a one-time password to your account.

What to do if You Receive a Suspicious Email: 

*Don't click on strange links, even if they're from friends. Notify the person who sent you the email if you see something suspicious.
*Check the "header" field. Even though a friend's name is in the "from" field, spam email won't be from their email address.
*If you click the link, be sure to run a virus scan on your computer. 

 

Read the entire news release from the BBB HERE.

To submit a comment on this article, your email address is required. We respect your privacy and your email will not be visible to others nor will it be added to any email lists.