Thursday, June 4, 2009

We're on the ferry, while our friends think we have been kidnapped in London

My wife's Facebook account was hacked yesterday morning while we were on the road. They changed her password and started chats with her friends at about the time we were on the ferry leaving Middle Bass. They said we were kidnapped in London and our friends needed to wire money immediately. We started getting urgent cell phone calls from a number of friends and relatives immediately, and stopped at a Starbucks to get on the web with a computer and fix the problem.

After fixing it, I did some research and figured out that the only reason we were able to recover the account, while many other people with the same problem couldn't, is that whoever got her password couldn't use the same password to get into her email, because our middlebass.org email addresses don't have a "generic" web address for web access that others can find. When the scammers tried to change my wife's email address, a confirmation request went to her email and had to be approved by her. The lesson from this is that if you use Facebook and also use a common web-based email service such as Gmail, Yahoo mail, Windows Live, etc., don't use the same password for both. A quick web search will show that when Facebook scammers were able to access your email and confirm the email address change, the Facebook account was lost to the original user while the scammers could continue to use it and scam all the friends of the original owner. Getting Facebook to shut down the account is VERY difficult and time-consuming when you can't access the account.

How did the scammers get access to my wife's account? There are two main possibilities. The first is that some phishing attack was successful. Emails with a link to a Facebook phishing site (that looks exactly like Facebook but isn't) are known for grabbing your password and then actually taking you directly into and through your regular Facebook login, so that you never even notice that you were not on a real Facebook site.

The second possibility is that there are known vulnerabilities in the 3rd-party ActiveX control that is used when you upload pictures to Facebook from Internet Explorer. If you use another browser such as Firefox, Opera, Chrome or Safari, that vulnerability doesn't exist because they all use Java rather than ActiveX to support access to your file system for the picture uploads.

Our Facebook passwords and email passwords are now different, even though they were the same in the past. We were lucky because the scammers couldn't figure out how to get into our email accounts. A lot of people have not been so lucky, such as the one who wrote the article "Kidnapped on Facebook" last January.
