Our IT editorial team got a first-hand taste of a Facebook hack this week, after the account of one of our colleagues on the social network site was hacked.
Several of our editors received a message through Facebook from the hapless colleague, claiming he was on a trip to London, but had been mugged, and was now marooned without passport or cash somewhere in North London.
Naturally they replied straight away, and promptly got into an IM chat through Facebook’s own messaging client, with what they thought was their friend. It was only when another colleague who had heard of this method of attack warned them that they realized what was going on, and discovered that the ‘victim’ was actually safe and sound in Dubai.
What was most disturbing about the hack was the quality of response from the hacker posing as the colleague. The chat messages were in text speak, but convincingly written - it was not the usual semi-literate 419 scammer - and also used details gleaned from Facebook to make the response sound a lot more convincing. Because Facebook is a trusted site, a message received through it is also a lot more believable than a random email.
The message from vendors all year has been that cyber crime has morphed from teenage hackers to organized gangs, and this attack shows just how organized, cunning and convincing they can be.

Wow, I had not heard of this particular brand of hacking. I will post this on my Facebook page to warn all my mates for sure.
Comment by Mita — Thursday, 27 November, 2008 @ 12:08
Facebook has always seemed insecure and rather a thing for wasting time. I am sure there are even more probs in it.
Comment by Jamal Panhwar — Thursday, 27 November, 2008 @ 15:59
I had a conversation from my Gold Coast home yesterday (Thursday) with the “hacker”, this is my cousin’s son you are referring to. I saved the conversation, I was online to this very patient (over 2 hours) hacker who thought he had me hook, line & sinker. I was suspect because of his typing mistakes & general conversation did not sound like the owner of the account or someone in his profession. I contacted the Australian Federal Police, they told me the hacker was wanting me to send the money through Western Union because it is untraceable, they only need a fake ID to collect the money. I left the hacker hanging waiting for me to ask my husband if it was ok for me to send the money… I sent an email with the conversation attached to your colleague’s family. I am glad he is safe, initially I was almost frantic, making interstate phone calls, trying to find the truth. These people are preying on the good nature of friends & family who would do anything to help a friend in need.
Jenny
Comment by Jenny Matheson — Friday, 28 November, 2008 @ 03:39
Yeah, got one online at the moment. His English is terrible (unlike the real account owner) and he’s only after $500 for a plane ticket to Australia! Bargain!
Comment by DAvid — Monday, 15 December, 2008 @ 14:46
Yeah, we had the same exact hack today. Blogged about it. NYPD and FBI said they could do nothing, even as I was “chatting” with the criminal. So sad.
Comment by Dave Kerpen — Tuesday, 23 December, 2008 @ 02:40