by Jonathan Gilliam, Momentum Factor
Last week. a friend’s Facebook account was hijacked. While he was traveling, the criminals who overtook his account immediately launched a well-known money scam in an attempt to extract money from his friends. Fortunately, his friends alerted him, and it was quickly reported it to Facebook, who disabled his account the next day.
Scammers using your good name to steal from your friends? Oh my.
Unfortunately for my friend, his business is now dead in the water on Facebook. Not only can he not log in, but he will also likely lose his account entirely as Facebook does not eagerly re-enable hacked accounts. And since the criminals had access to all the email addresses of his friends, they may continue the scam even with the account shut down. Can you imagine? Your entire friends list, gone. All your posts, content and photos, poof! My friend must now re-friend the thousands he had already friended, many of whom he will not remember and some who have surpassed the 5,000-friend limit, rendering him unable to re-friend. Now, he will have to start his three years’ worth of Facebook friending, connections and content from scratch.
This is the underbelly of social media. People with bad intentions who use community relationships to do bad things. I cannot think of a more insidious (or socially damaging) scheme to exploit the trust inherent in social media.
What can you do right now to protect yourself? Firming up your Facebook security is a start. Follow these instructions to the letter (no slacking!)
- First, Download your Facebook data here. A little-known feature in Facebook is the ability to download your friend list, profile information, wall posts, photos, videos, friend list, notes, events, sent and received messages and all comments. If you ever lose your account, you can replace much of your lost data. It’s a good idea to possess this data yourself anyway, it’s yours after all!
- Change your password now to something complex (the password form has a strength indicator.) Treat it the same as you would your online bank account. DO NOT use the same password you use for other accounts. (especially online sign-ups or surveys, etc.) Passwords hacked at other sites are often the first to get “tried” in Facebook. This is how many FB accounts are hijacked.
- If you haven’t set up a “secret question” or if it isn’t so secret, you are at risk. You may have no secret question currently – check here and if possible, add a good secret question only you would know the answer to. If your secret question is hacked, you’re toast. Unfortunately, Facebook does not allow the answer to be changed due to – guess what – security concerns.
- Monitor your login activity. Another little-known Facebook security feature is “Login notifications”. (My Account>Account Security) Your account can text or email you immediately if an unknown device logs into your account (you have the option of removing that computer “activity.”) You can review logins to your account and find the computer name given and the city it originated from. I set mine to text me immediately when a strange computer logs in to my account. Usually, it’s just me logging in at an airport kiosk or coffee shop, but I always pay attention to these alerts.
- Update your security information. Add multiple email addresses in case you lose access to one. Use your mobile phone as your primary notification device which is a better default than email. Pay attention the the security level “meter” that tells you how protected you are.
- Don’t fall for silly ploys. Facebook never emails requests like “Hello! I’m an administrator from Facebook. Please send me your email and password to make sure that your site does not have clones or viruses!” Clones? Watch for bad English as well as most of these losers are overseas.
- Finally, in the event you are hacked, and your account is hijacked or otherwise deactivated, don’t expect much from Facebook staff. There IS no staff. With 500 million accounts, you have about that many chances in hell to get a live person ever. Take your privacy into your own hands and be vigilant.
If you want to help your friends learn how to protect themselves too, “share” this post now on your Facebook page.
And to learn more about this topic or how the Momentum Factor team can be of assistance, reach out by clicking here.