1. Association News NZIPI
Five ways criminals
use facebook
F
acebook went public on the 21st an illegally obtained ID and password.
May 2012 in one of the most Once they are online, they have the victim’s
anticipated IPO’s in history. entire friend list at their disposal and a
With more than 900 million trusted cyber-identity. The imposter can
users, Mark Zuckerberg’s expanding social use this identity for a variety of confidence
media empire has become a part of the schemes, such as a popular one that has
online experience. become known as the London scam in
A by-product of its success is that which the fraudster claims to be stranded
millions of people around the world are overseas and in need of money to make it Michael Campbell is the Vice Chairman of
now far more exposed to a number of home. This scam has a far higher success the NZIPI and he has operated his business
cybercrimes that result from criminals rate on Facebook, and specifically of as a self-employed Private Investigator in New
having access to this media. commandeered accounts, because there is Zealand for the past 31 years.
The modern Private Investigator needs a baseline of trust between the users and www.advancedinvestigations.co.nz
to be savvy and up to date with the most those on their friends list.
modern technology to combat this on- and buy and sell a laundry list of goods
going trend involving the cybercriminal. 3. Profile cloning and services. Posing as a reputable user
Cybercrime has been around for a long Profile cloning is the act of using lets the scammer capitalise on the trust
time but the presence of social media has unprotected images and information to that person has earned by selling fake
made many crimes easier to commit. In create a Facebook account with the same goods and services or promoting brands
social networks people often make ‘friends’ name and details of an existing user. The they have been paid to advertise.
without knowing the person and make their cloner will then send “friend” requests
personal information easily available. to all of the victim’s contacts. These 5. Mining unprotected information
None of the networks present more contacts will likely accept the cloner as Few sites provide an easier source of basic
opportunity to criminals than Facebook a friend since the request appears to be information than Facebook. While it is
and its hundreds of millions of users. from someone they’re familiar with. possible to keep all personal information
Recent studies have identified some Once accepted the criminal has access to on Facebook private, users frequently reveal
of the most common ways criminals use the targets personal information which their emails, phone numbers, addresses,
Facebook to their advantage. they can then use to clone other profiles birth dates and other pieces of private
or to commit fraud. By doing this they data. As security experts and hackers
1. Hacking accounts exploit a person’s account and postulate know, this kind of information if often
When criminals hack a Facebook account as that person to extract information. used as passwords or as answers to secret
they typically used one of several available The scariest aspect of this offending security questions. While the majority of
‘brute force’ tools, which cycle through is its simplicity as hacking acumen is unprotected information is mined for
a common password directory and try unnecessary to clone the profile; the targeted advertising, it can be a means to
commonly used names and dates, opposite criminal simply needs a registered account. a more devious purpose such as profile
hundreds of thousands of different cloning and ultimately, identity theft.
email ID’s. Once hacked, an account 4. Fake Facebook These are but a few of many examples
can be commandeered and then used as A common form of phishing is the of computer related crimes the modern
a platform to deliver spam, or – more fake Facebook scam. The scammer’s investigator needs to be aware of.
commonly – sold. Clandestine hacker direct users via some sort of clickable New Zealand legislation has been
forums are crawling with ads offering enticement, to a spurious Facebook log in updated in recent years to prohibit
Facebook account ID’s and passwords in page designed to look like the real thing. behaviour when criminals access
exchange for money. In the cyber world, When the victims enter their usernames computers for a dishonest purpose or
information is a valuable resource. and passwords, they are collected into without the authority of the computer
a database, which the scammer will owner. Offenders who commit computer
2. Commandeering accounts often then sell. Once scammers have related crimes are often surprised to
A more direct form of identity theft, purchased a user’s information they can discover the serious consequences they
commandeering occurs when the criminal take advantage of their assumed identity can face upon conviction for breaches of
logs onto an existing user account using through apps like Facebook Marketplace sections 249-252 Crimes Act 1961.
36 June - July 2012 NZ Security