We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
78,145 News Articles

Fraudsters hit Facebook with 'Nigerian 419' scam

'Friends' beg for money on Facebook

Scammers are using a convincing twist on the notorious 'Nigerian 419' scam to target Facebook users. See also: Nigerian 419 scammers ditch email for Facebook.

Normally, 419 scams are easy to spot and involve email requests for money from supposedly rich individuals in countries such as Nigeria, from which the fraud gets its name. The latest Facebook attack is much craftier, however, because it hijacks the identities of real people known to Facebook members, asking for money under an apparently plausible guise.

According to reports, one Google Australian employee was contacted using Facebook by a person known to her, asking for $500 to allow him to return home from Lagos, Nigeria, where he claimed to be stranded.

She became suspicious that the contact was bogus only after noting subtle irregularities in the fraudster's use of Australian English.

"After chatting further, words such as 'cell' instead of 'mobile phone' tipped Wells off that she was not talking to her friend but someone who had taken over his account," the report said.

"Many Facebook users don't even know how many friends they have on the site, let alone what they are all doing and where they are, and this is providing the scammers with a new vector of attack," said Graham Cluley of Sophos, the company that unearthed this particular scam.

"Unfortunately this is just the latest skirmish in an ongoing battle taking place between Facebook users and cybercriminals intent on exploiting the site and its members for their own financial gain."

Social networking's insecurities are many-headed. Emails from domains such as Facebook are more likely to reach an individual's inbox because they come from trusted domains; hijacking such domains to create fake email accounts been one of the year's growing problems on webmail systems such as Google, Hotmail and Yahoo.

As it is, Facebook users have a reputation for giving up personal information too easily, while such sites have also been under attack from a range of information-farming direct exploits.

A secondary problem is that social networking offers scammers the ultimate prize of being able to hijack the identity of a trusted person to execute fraud. The Facebook 419 scam is an example of this, using plausibility and a demand for a modest amount of money to overcome suspicion. If social networking systems become infected by such trust-based fraud to any degree they will likely become unviable in their current form.

"Unless people take more care when securing their computers and personal data, there's no doubt that we'll see more electronic conmen using stolen Facebook identities to steal money from the innocent by posing as their online buddies," said Cluley.

Visit Security Advisor for the latest internet threat news, FREE net threat email newsletters, and internet security product reviews

Techworld.com


IDG UK Sites

6 cheapest 4K TVs in the UK 2014: Get a UHD telly without breaking the bank

IDG UK Sites

Apple MacBook Air (11-inch, 256GB, Early 2014) lab tests and benchmarks

IDG UK Sites

How to stop your parents opening and responding to phishing emails

IDG UK Sites

Google to ship first Project Ara developer boards in July