{"id":739,"date":"2009-02-06T21:55:32","date_gmt":"2009-02-07T05:55:32","guid":{"rendered":"http:\/\/cubist.cs.washington.edu\/Security\/?p=739"},"modified":"2009-02-06T21:55:32","modified_gmt":"2009-02-07T05:55:32","slug":"current-event-facebook-the-target-of-scammers","status":"publish","type":"post","link":"https:\/\/secblog.cs.washington.edu\/Security\/2009\/02\/06\/current-event-facebook-the-target-of-scammers\/","title":{"rendered":"Current Event &#8211; Facebook the target of scammers"},"content":{"rendered":"<p>As Facebook becomes more ingrained in people&#8217;s public lives, so does the opportunity for people to take advantage of the virtual identities of others.\u00a0 Recently, a Seattle man, Bryan Rutberg, had his Facebook account <a href=\"http:\/\/www.cnn.com\/2009\/TECH\/02\/05\/facebook.impostors\/index.html\" target=\"_blank\">used to extort money<\/a> from his friends, saying that he had been robbed and needed money to get back from London.\u00a0 Rutberg, however, was safe at home in Seattle.<\/p>\n<p>A person&#8217;s Facebook profile is trusted enough that people tend not to question who is on the computer using the account, but we&#8217;ve probably all heard stories of friends having their status changed by a roommate while they&#8217;re in class.\u00a0 I personally know someone who&#8217;s girlfriend removed some of his friends from his profile without his knowledge.\u00a0 It seems someone has taken this type of attack and started using it for more insidious purposes.<\/p>\n<p>The biggest thing that could have prevented this particular situation would have been for Rutberg to be more security conscious in his use of Facebook.\u00a0 The attacker most likely gained access to his account through some sort of malware that Rutberg inadvertently installed on his system.\u00a0 The best way to prevent this is the same sorts of advice always given out about malware\u2014be wary of untrusted websites and email.<\/p>\n<p>This is especially important as social networking sites become more common for other uses.\u00a0 If this had happened on LinkedIn, Rutberg might be out of a job, or worse.\u00a0 People work very hard to protect their identity when it relates to financial assets, but intangible assets such as social and business reputations are at stake as well, and are often not as well protected.<\/p>\n<p>Facebook is already taking action to make users aware when their account may be compromised, such as sending emails to the current contact email when changing or adding a new contact email.\u00a0 More could be done to protect users&#8217; identities on social networking sites, but this would more than likely simply get in the way of users of the sites.\u00a0 The best reaction to this kind of event is to make users aware of it, so they are more careful with what they do on social networking sites.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>As Facebook becomes more ingrained in people&#8217;s public lives, so does the opportunity for people to take advantage of the virtual identities of others.\u00a0 Recently, a Seattle man, Bryan Rutberg, had his Facebook account used to extort money from his &hellip; <a href=\"https:\/\/secblog.cs.washington.edu\/Security\/2009\/02\/06\/current-event-facebook-the-target-of-scammers\/\">Continue reading <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":71,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[],"class_list":["post-739","post","type-post","status-publish","format-standard","hentry","category-current-events"],"_links":{"self":[{"href":"https:\/\/secblog.cs.washington.edu\/Security\/wp-json\/wp\/v2\/posts\/739","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/secblog.cs.washington.edu\/Security\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/secblog.cs.washington.edu\/Security\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/secblog.cs.washington.edu\/Security\/wp-json\/wp\/v2\/users\/71"}],"replies":[{"embeddable":true,"href":"https:\/\/secblog.cs.washington.edu\/Security\/wp-json\/wp\/v2\/comments?post=739"}],"version-history":[{"count":11,"href":"https:\/\/secblog.cs.washington.edu\/Security\/wp-json\/wp\/v2\/posts\/739\/revisions"}],"predecessor-version":[{"id":1315,"href":"https:\/\/secblog.cs.washington.edu\/Security\/wp-json\/wp\/v2\/posts\/739\/revisions\/1315"}],"wp:attachment":[{"href":"https:\/\/secblog.cs.washington.edu\/Security\/wp-json\/wp\/v2\/media?parent=739"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/secblog.cs.washington.edu\/Security\/wp-json\/wp\/v2\/categories?post=739"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/secblog.cs.washington.edu\/Security\/wp-json\/wp\/v2\/tags?post=739"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}