Several days ago, I experienced an encounter with a so-called Nigerian 419 scammer on Facebook. It was an attempt to get money from me under the guise of helping a friend.
When I logged into my Facebook account, the chat window popped up. It was a friend who said she needed my help. She was on a short vacation in Madrid, Spain and mugged in the hotel park. Her money, credit cards and cell phone were stolen, but she still had her passport. She wanted me to lend her money to pay her hotel bill, pay for a cab, and airline ticket. I offered to contact her mother and sister, but she said they had already sent all the money they had, but she still needed $900. When I said I could not send money, she said, "why not?" She told me to get the money at an ATM and promised to pay me back as soon as she returned to the states. She said, "Please help me get out of this mess." Again, I offered to contact someone in the states for her, but she would not give me names to call. When I asked who was with her, she refused to answer. Then, there was silence.
I went to my friend's home page to see if there was a message asking for help. Some of her friends had posted that she was not in Spain and had not been mugged. They had verified that she was safe and at her workplace in the states. Her Facebook account was hacked into, identity stolen, and the scammer was contacting her friends by chat and e-mail.
This encounter is a classic example of the Nigerian 419 scams taking place on social networking sites. Hackers are phishing for login credentials to steal your identity. Once they have your password, they can hijack your account, change your password and gain access to your personal information and that of your friends. If you're locked out of your account, you will have no way to know which friends the scammers contacted. By the time you get back into your account, they're on the way to the next unsuspecting victim.
We can't stop every attack by cybercriminals, but we can help protect our identity by following the steps below.
1. When using any social networking site, review the privacy policies and make sure your security settings are correctly set.
2. Create a secure, strong password by combining letters [upper and lower case], numbers, and symbols. Don't use personal information such as family names, pets, birthdays, addresses, phone numbers, etc. Never share your password with anyone!
3. Choose your friends wisely! Use caution when accepting friend requests from strangers.
4. Use e-mail with caution. Spammers use "real" looking e-mail to steal your login information and passwords. Be careful when clicking on links in e-mails.
5. Keep confidential personal information private! Be careful about the information you share publicly. It's surprising how much information members share with strangers with no regard of the consequences.