We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,258 News Articles

Fraudsters hit Facebook with 'Nigerian 419' scam

'Friends' beg for money on Facebook

Scammers are using a convincing twist on the notorious 'Nigerian 419' scam to target Facebook users. See also: Nigerian 419 scammers ditch email for Facebook.

Normally, 419 scams are easy to spot and involve email requests for money from supposedly rich individuals in countries such as Nigeria, from which the fraud gets its name. The latest Facebook attack is much craftier, however, because it hijacks the identities of real people known to Facebook members, asking for money under an apparently plausible guise.

According to reports, one Google Australian employee was contacted using Facebook by a person known to her, asking for $500 to allow him to return home from Lagos, Nigeria, where he claimed to be stranded.

She became suspicious that the contact was bogus only after noting subtle irregularities in the fraudster's use of Australian English.

"After chatting further, words such as 'cell' instead of 'mobile phone' tipped Wells off that she was not talking to her friend but someone who had taken over his account," the report said.

"Many Facebook users don't even know how many friends they have on the site, let alone what they are all doing and where they are, and this is providing the scammers with a new vector of attack," said Graham Cluley of Sophos, the company that unearthed this particular scam.

"Unfortunately this is just the latest skirmish in an ongoing battle taking place between Facebook users and cybercriminals intent on exploiting the site and its members for their own financial gain."

Social networking's insecurities are many-headed. Emails from domains such as Facebook are more likely to reach an individual's inbox because they come from trusted domains; hijacking such domains to create fake email accounts been one of the year's growing problems on webmail systems such as Google, Hotmail and Yahoo.

As it is, Facebook users have a reputation for giving up personal information too easily, while such sites have also been under attack from a range of information-farming direct exploits.

A secondary problem is that social networking offers scammers the ultimate prize of being able to hijack the identity of a trusted person to execute fraud. The Facebook 419 scam is an example of this, using plausibility and a demand for a modest amount of money to overcome suspicion. If social networking systems become infected by such trust-based fraud to any degree they will likely become unviable in their current form.

"Unless people take more care when securing their computers and personal data, there's no doubt that we'll see more electronic conmen using stolen Facebook identities to steal money from the innocent by posing as their online buddies," said Cluley.

Visit Security Advisor for the latest internet threat news, FREE net threat email newsletters, and internet security product reviews

Techworld.com


IDG UK Sites

Best Christmas 2014 UK tech deals, Boxing Day 2014 UK tech deals & January sales 2015 UK tech...

IDG UK Sites

LED vs Halogen: Why now could be the right time to invest in LED bulbs

IDG UK Sites

Christmas' best ads: See great festive spots studios have created to promote themselves and clients

IDG UK Sites

Why Apple shouldn't be blamed for exploitation in China and Indonesia