This post has been modified to reflect new information since its original publication.
Social media is the new frontier for cybercrime because traditional approaches don’t work as well as they used to. It seems as though nearly everyone has been on the receiving end of some kind of email or click-based scam. Whether it’s an attempt at identity theft, picking up a virus from a questionable website, or having a scammer pretend to be a rich foreigner looking for help moving money, the forms of online deception are nearly limitless.
But we’ve also gotten wiser over time. Traditional spam approaches have gotten a lot less effective, and as a result, spammers are turning to social media, where your defenses might not be as high.
This article will explore a few of the ways that Facebook has been exploited by scammers and cybercriminals in recent years, largely by preying on the trust that people tend to exhibit in this online arena. You’ll discover tips on the kinds of fake Facebook friend requests that can potentially harm you, your pocketbook, and your online reputation.
What makes fake Facebook requests so effective
Facebook has a uniquely social quality that makes it particularly vulnerable to cyberattacks. You don’t expect any trouble from your “friends.” However, unless privacy settings are specifically adjusted to restrict access, when a Facebook friend request is accepted that person can view all of your profile information, including your dearest friends and associates, birthdate, relatives, hometown and more.
From there, it’s only a few steps to cracking a weak password or infecting Facebook accounts with viruses and scams. And since these attacks come from “friends,” who would suspect them?
The most obvious way that cybercriminals take advantage of people on Facebook is the malicious friend request. You might think that simply refusing friend requests from people you don’t know would solve the problem. Unfortunately, things aren’t always so simple.
Many people have hundreds, if not thousands, of Facebook friends, and it’s common for them to accept new friends without a second thought—even if they don’t know them personally. This is particularly true for those who use social networking to promote themselves professionally. Requests from acquaintances of your other Facebook friends can seem perfectly legitimate, even if they’re not. All it takes is for one of your friends to accept a fake request.
Identifying fake Facebook friend requests email
Often you can tell if an account is fake by looking at the profile. Some scammers have gotten particularly adept at disguising their profiles, but for the vast majority of cases, there will be clear warning signs:
- Beautiful people: Most scammers use photos of attractive people for their fake profiles. After all, who wouldn’t want to think that some gorgeous person is interested in getting to know you better?
- Few or no posts: Scammers set up fake accounts algorithmically, and they don’t usually bother putting a lot of detail into them. If you see a profile with no posts, or only a handful of posts that are all very recent, then chances are it’s fake.
- Random likes: Fake accounts often like a lot of different pages and posts in order to look more legitimate. But their selections rarely make any coherent sense. If it looks like the person is liking completely random things, a lot of brands, and pages that seem to contradict each other, then you’re probably looking at a fake.
- Few friends: If someone is new to Facebook, chances are they will start off by friending the people they know in their immediate social circles. They won’t go out friending random strangers. Check the friends list. If you don’t see anyone you know, or just one or two friends, then the profile is probably fake.
- Doesn’t respond to messages: A stranger who is generally interested in getting to know you will certainly be willing to answer any message requests you send. If you think the profile could be real, send the user a message and ask something friendly and innocuous. If there’s no response, you’re probably talking to a bot instead of a human.
The dangers of fake Facebook accounts
You might think, so what if you have a few fake friends? What could happen? Unfortunately, fake friends open you up to many threats:
- Hacking: Facebook accounts are easily compromised, often because people use weak passwords. Once a scammer is in your friend’s list, they can use the information in your profile to try to figure out your password. Or they might try to find the password of someone you know instead. Once they succeed, they have a channel that people trust to use for their scams.
- Scams: There are many traditional scams that work especially well when conducted through a hacked Facebook account. One common ploy is the “stranded in London” phishing attack, in which you receive a request for help from a stranded Facebook friend who has lost his or her wallet and passport. Though there are many variations to this kind of request, the gist is that you’re being asked to wire your friend a substantial amount of money in a short time. By the time you realize that it’s not your friend who has contacted you, it’s often too late.
- Identity Theft: Even more potentially harmful is the possibility of a compromised friend’s account sending you a link to a malicious application or download, often with a message like, “Hey, I thought you’d enjoy this news story” or something similar. Once you click the link, phishing software gets installed on your computer, leading to identity theft, viruses, and other malicious activity.
As you can see, serious damages can stem from fake Facebook accounts. Whenever you get a friend request from someone you don’t immediately recognize, make sure to vet it thoroughly. Similarly, if friends send you unusual requests or strange links on Facebook, be very careful before interacting.