Facebook Brands Hacking A ‘Major Issue’

Lord Richard Allan, Facebook’s head of European public policy, has admitted that the threat of account hacking to scam users out of money has become a “major issue” for the social network.

Speaking to The Guardian newspaper, Allan said that Facebook is implementing new security measures, in an effort to curb the trend. These include asking extra security questions when the account is logged into from an unusual location, and notifying users by text or email if a new device is used to log into their account.

These extra security measures could reportedly involve “name verification” – where someone logging on from a new location is shown a number of photos of their friends and is asked to verify their names.

“It is unfortunate that some people use the Internet to maliciously target people either via scams or by compromising accounts on Facebook, over email or on fake websites,” said a Facebook spokesperson. “However, unlike other websites, or email, or even the phone, we provide our users with robust reporting tools to report any content they are unsure of and anything which violates our terms, will be removed quickly.”

Facebook fraud

Fraudsters who successfully manage to hack into the accounts of Facebook users often send messages and updates designed to dupe the user’s friends – via clickjacking or survey scams for example. However, in the case of high-profile figures, social networking scams can be a way to gather valuable information.

Last week, it was revealed by Ronald Noble, the Secretary General of Interpol, that Interpol’s Information Security Incident Response Team had discovered two fake Facebook profiles, posing as Noble himself.

“One of the impersonators was using this profile to obtain information on fugitives targeted during our recent Operation Infra Red,” he said. “This Operation was bringing investigators from 29 member countries at the Interpol General Secretariat to exchange information on international fugitives and lead to more than 130 arrests in 32 countries.

“Considering the anonymity of cyberspace, cybercrime may in fact be one of the most dangerous criminal threats ever,” he added. “A vital component in fighting transnational crime must therefore include the policing of information security and the provision of secure communication channels for police worldwide based on common standards.”

Clickjacking and survey scams

Meanwhile, many Facebook users last month fell prey to a rogue application for installing a “dislike” button, which tricked users into spreading messages via their status updates. The messages include the text: “I just got the Dislike button, so now I can dislike all of your dumb posts lol!!” or “Get the official DISLIKE button NOW!” followed by a link.

After following the link, the application asked users to complete an online survey, which made money for the scammers, before pointing them to a Firefox browser add-on for a Facebook “dislike” button developed by FaceMod.

“This bogus feature differs from recent scams as those behind it aren’t preying on users’ curiosity about shocking videos or celebrity scandals. This scam is actually posing as something that many Facebook users want,” said Graham Cluley, senior technology consultant at Sophos. “Facebook users should think carefully before they click on an unknown link in a friend’s status update as these scams are becoming increasingly common.”

Other scams of this kind include “Justin Bieber trying to flirt”, “Student attacked his teacher and nearly killed him”, “the biggest and scariest snake” and, most recently “OMG This GUY Went A Little To Far WITH His Revenge On His EX Girlfriend”.

Location detection

Yesterday, analyst firm Gartner revealed that mobile users’ personal information, such as their location and what device they are using, will soon be used to validate the vast majority of mobile commerce transactions and to combat fraud.

By the end of 2013 location or profile information from mobile phones will be used to validate 90 percent of mobile transactions involving organisations such as banks and social networks, Gartner said.

However, Facebook’s own location feature, Facebook Places, has been a subject of concern for some privacy advocates, who warn that the ability to share their current location with friends on the social network could create new risks and new social pressures for users.