Sweden recently experienced a large banking scam where over 1.2 million Swedish kronor (about $177,800) were stolen by infecting the computers of multiple victims. The attackers used a Trojan which was sent to the victims and, once installed, allowed the attackers to gain access to the infected computers. Luckily these guys were caught and sentenced to time in jail, but it took a while to investigate since over 10 people were involved in this scam.
It's possible that these attacks are no longer as successful as the bad guys would like, because we are now seeing them use other methods to find and exploit new victims. For quite some time now we have seen how hijacked Facebook accounts have been used to lure the friends of the person whose account has been hijacked into doing everything from clicking on malicious links to transferring money to the cybercriminals’ bank accounts.
Please note that this is not a new scam - it has been out there for quite some time. But what we are now seeing is the use of stolen/hijacked accounts, or fake accounts, becoming very common on Facebook. So common, in fact, that there are companies creating fake accounts and then selling access to them to other cybercriminals. As you might expect, the more friends these accounts have, the more expensive they are, because they can be used to reach more people.
The problem here is not just technical – it’s primarily a social problem. We use Facebook to expand our circle of friends. We can easily have several hundred friends on Facebook, while in real life we may only have 50. This could be a problem because some of the security and privacy settings in Facebook only apply in your interactions with people who you are not friends with. Your friends, on the other hand, have full access to all the information about you.
We are now warning users of a new scam which is being exploited. The bad guys are using stolen or hijacked accounts to send personal messages to their victims. They pretend to have a problem. For example, they claim to be stuck at an airport and say they need a few hundred kronor for a new ticket home. Or they pretend that their online banking token is broken and they ask to borrow the victim’s token. This sounds pretty trivial, but we have noticed that many people are unaware that a banking token is private and cannot be used for another account.
The idea behind this fraud is pretty simple. It rests on the fact that a large amount of personal information is posted on Facebook. Cybercriminals can easily build up a lot of information about a person. And if they are using a stolen account they can also easily look at the nature of the relationships between one victim and another.
We want all Facebook users to be aware of this, and to think twice before disclosing any information regarding their banking details, or lending out money to people. Here are some easy pointers:
2012 Mar 20, 10:09
Facebook users to be aware of this
1. We should also not click any suspicious links given by our friends on Facebook Chat; it might happen that the friend's account has already been hacked and the hacker is using the friend's chat to spread the malicious code to others.
Edited by Arnab Choudhury, 2012 Mar 20, 10:22