Local News

Social networking sites not immune to online threats

Posted August 19, 2009

Map Marker  Find News Near Me

— Jane Foreman thought her post on her Facebook page in July would be enough to let her friends know she'd be away from the computer for a few days.

"I posted something I thought was very benign: 'I'm in New York. Rest in peace, dad,'" Foreman said.

Facebook Facebook growing opportunity for scammers

That was late on a Sunday night. Within hours, she says, her Facebook account had been hacked.

"Well, about 6 a.m. Monday, my husband started getting calls from old work acquaintances of mine."

They wanted to know why she was overseas and if she was OK.

"I don't know how they hacked, but they got in the instant messaging in Facebook and started sending messages to friends, saying I was in London, that I had been mugged, that my dad just died, and that I need money to get home."

Foreman is not alone.

Ryan Johnson, a computer forensics investigator with Forward Discovery Inc. in Cary, investigates cybercrimes for law enforcement agencies.

He says the London money-wiring scheme is nothing new.

"It's the same old scheme, just a different outlet," he said. "Now, with the open social networks, like LinkedIn and Facebook and Twitter, we're seeing the same things we used to see that was just solely on e-mail."

But there are several things accountholders can do to protect their online identities, as well as personal and financial information.

"If you have answers to personal questions on Facebook, like your date of birth, your high school – that allows anybody to get access to that personal information and then go back to your e-mail."

From there, he says, they have the potential to access any accounts associated with that address.

"Password security is really key, and information security is even more important," he said. "Generally we don’t recommend people actually answer the security questions that are asked of you."

For example, he says, if a site asks about your high school, make the answer your dog's name.

"So even if it's public information you put out there, it's not going to lead to a compromise down the road of these questions," he said.

In recent years, North Carolina Attorney General Roy Cooper has worked with social networking sites, like Facebook and MySpace, to strengthen user protection against online perpetrators.

Facebook says in a post on its official blog that scams are rare but that it has taken steps to help prevent them and that it continues to improve upon its technology.

According to the post, it sends notification e-mails to users whose accounts have been compromised and temporarily suspends the accounts until a user can verify that he or she is the legitimate owner.

"But there's nothing that's foolproof, technology-wise, that can make a site absolutely secure," he said.

Once someone is scammed online, he said, it's difficult for law enforcement authorities to find the culprits.

"Oftentimes, they are from overseas. Oftentimes, it's difficult to trace the technology, so it's very important that these sites do everything they can to keep those sites safe," Cooper said. "And it's important for the user of the site to protect him or herself."

Always be suspicious if someone asks for money, he says. Follow up on such requests for money with a telephone call or an e-mail to another account. If that's not possible, ask questions that only the person would know.

"Make sure it's your friend who's sending you this message," he said. "You want to help, but don't fall for these scams."

Another recommendation, he says, is to set privacy controls to the highest possible levels. Be selective about who you allow to view your profile and with whom you are friends.

"Don't just let anyone be your friend, unless you're just trying to gather friends and you're not putting anything personal on the Web site," he said.

Even then, be aware, Foreman says.

In her case, she says, she was careful not to reveal her e-mail or to show her complete birth date.

"I don't know how everything transpired, but somebody saw a situation and took advantage of it," she said.

Criminals, Foreman says, are going to be out there taking advantage of every new technology.

"You can't just get off the Internet because you're afraid. You just have to educate yourself and know that situations like this can happen. You have to know to be careful about your information," she said.

"The word is getting around, and Facebook is actually going to be one of the means to educate people."

1 Comment

This story is closed for comments.

Oldest First
View all
  • meargle Aug 19, 2009

    The investigator was right -- It's the same old story that you hear all the time. Someone gets their information "hacked" and all you hear is how unsafe of a place that the internet is. The truth of the matter is that no one is getting hacked...someone is foolish enough to not be aware of the address of links they click on before they submit personal information. People are not at all cautious (or use any common sense) when online, and are shocked when something like this happens.

    The security on sites like Facebook and Twitter are terrific. No one us busting in to their servers and stealing your information. Some teenage is sitting on his computer, drinking a Coke, and outsmarting you out of your password.

    Do these same people walk in a stranger's house and sit their wallets unattended by the door while they visit?