I had just sat down to have my first cup of coffee for the day when my cell phone rang. Normally I’d think twice before answering the phone before office hours, but the caller ID showed it was a close friend. She told me she had heard that Facebook had been hacked, and the hackers were taking over people’s accounts.
I told her that what she was describing sounded a lot like what happened to one of my relatives, when I suddenly got a friend request from a cousin with whom I’d been Facebook friends for years. My friend who had called said she would forward the email she’d received so I could check it out. “It might be a good story,” she said.
Later in the morning, after I’d taken care of the dogs and elevated my blood-caffeine level into the triple digits, I opened her email. The warning in the forwarded email was clear, “Almost all Facebook accounts are being hacked,” the message said. It then went on to explain that hackers were using a Facebook user’s photo and profile to create another version of them, and then are using it for nefarious purposes.
I promised my friend that I’d check it out, and I fired off a message to Facebook public relations. Then I started looking for any evidence that my Facebook profile had been hacked. While there are multiple people on Facebook with the same name as me, I know all of them, and none of them are trying to impersonate me.
A spokesperson who does security communications at Facebook got back to me: The warning my friend had received was a hoax, and had been making the rounds for a while.
I should have thought of that when I saw the warning my friend had sent, since it was nearly word for word what I’d received when my cousin had the same thing happen. In this case, had anyone found that their Facebook account was being impersonated, Facebook would take action.
The spokesperson also explained that Facebook had already put systems in place to prevent this sort of thing. “Regarding impersonation accounts, these are against our Community Standards and people can report them for removal. We have a dedicated team for detecting and removing these scams,” she said.
The spokesperson noted Facebook had developed software to detect exactly this sort of activity. “For example,” she said, “at the time someone receives a friend request, our systems are designed to check whether the recipient already has a friend with the same name, along with a variety of other factors that help us determine if an interaction is legitimate.
“We’re developing an alert to send to people when we discover multiple accounts with the same profile photo and name,” she said. “The person receiving the alert has the option to report the account as a fake impersonating account and our team will investigate.”
The spokesperson added Facebook is encountering several other activities that are causing consternation among users. One was a rumor that went viral when someone reported Facebook was going to start charging a fee for using the service.
Social Media Scams on Facebook Following Familiar Scenarios
Another rumor involved something called the Chang Zuckerberg Initiative, in which random people on Facebook would receive money.
The scams that involve Facebook are many. There’s one in which people are receiving bogus coupons from a grocery chain promising $75 off an $80 purchase. There’s another where someone tries to pose as a friend and asks for money. There’s also the fake relative scam, in which some long-lost relative is said to have left bunches of money and all you have to do is pay shipping.
If these scams sound familiar, you’re right: They have been around for a very long time and far predate Facebook. What’s happening here is that crooks are leveraging Facebook’s popularity to reach more victims more quickly. In addition, they can collect personal details from an unguarded profile page to help their credibility. These are the same cons that have been around for decades on email—and some may be as old as the Roman Empire.
But the fact is, there is some impersonation happening on social media, and it’s not uncommon for more than one person to have the same name. So before you go plumbing the innards of Facebook, it’s a good idea to confirm that you’re actually looking at the right person. And if there’s any doubt, it’s worth confirming the accuracy of what you’re seeing.
I point this out with a couple of examples in mind: For one, it’s now very common for prospective employers to check out an applicant’s social media postings, but if anything adverse is found, it should be confirmed with the person whose name is on the account. You can’t just assume that the Joe Smith who’s looking for a job is the same Joe Smith you found on Facebook.
This also applies to people (me, for example) who are in the news media and who sometimes look at social media as part of our reporting. It might be interesting to see stories of Joe Smith being involved in something questionable, but only if it’s the Joe Smith we think we’re covering. The consequences for being wrong are very high, both in terms of the damage that can be done to someone’s reputation and later when the lawyers start filing libel suits against your publication.
Here is the advice Facebook’s spokesperson passed along for social media users to watch out for: “We encourage people to not accept suspicious requests and to report suspected phishing messages using the easy-to-find links across our service. More information is also available in our Help Center.”
Facebook also provides additional advance and tools on how users can keep their accounts secure.
Finally, a word of advice that needs to be repeated: If it seems too good to be true, it probably is. Scams can only succeed if people accept them uncritically. This is true whether it’s on Facebook, on the phone or in the mail. The scammers really are everywhere.