Take steps to protect yourself on Facebook

Posted Saturday, Sep. 19, 2009 Comments   (0) Print Share Share Reprints
A

Have more to add? News tip? Tell us

By DAVE LIEBER

watchdog@star-telegram.com

lieber While on Facebook last month, Gary Rifkin received an instant message from his friend Karen Cortell Reisman.

"Hey Kar, how’s it going?" he typed back.

"Not too good at the moment," she answered.

"What’s going on?" he asked.

"I’m in a deep mess as we speak and I need your financial assistance," she answered.

She explained that she was in London "and we got mugged at gunpoint."

"Oh my God," Rifkin said. "Are you okay?"

"Yes. Cash, credit card and phone got stolen. It was a brutal experience."

"How are you going to get home?" he asked.

"That is the main problem now. I need your financial assistance."

"How much do you need?" he asked.

"All I need is $1,300."

"Where should I send it?"

The address was in London.

"Hang in there," he advised, a transcript of the conversation shows.

Rifkin never sent the money. He knew he wasn’t talking to his friend but someone pretending to be her. He knew his friend was at home in Dallas.

Reisman, meanwhile, started getting frantic phone calls from friends asking, "Are you OK?"

As she told me later, "It was stunning to see how fast this grew over the course of one day."

She calls the whole experience "the day I got hijacked on Facebook."

Reisman uses Facebook as part of her speaking and coaching business. But she couldn’t get into her account because her password no longer worked. She tried to call Facebook’s corporate office in Palo Alto, Calif., but she couldn’t find the phone number. (Note: 650-543-4800)

She found the help page on Facebook that led to a contact form that put her in touch with the security team.

When Facebook e-mailed her a new password, she worried that it, too, was a hoax. But it wasn’t. She got her Facebook page back.

None of her friends sent money, but most called to see whether she was OK. "I was so touched by the concern of so many people," she said.

In Facebook lingo, her account was compromised, company spokesman Simon Axten said.

Reisman has no idea how it happened. In all probability, Axten said, scammers learned her password through phishing.

That’s when a user goes to a fraudulent Web site that looks like the real thing. The person enters his or her login information, and then the crooks have what they need.

I can see how this happens. Sometimes I get an e-mail on an account that Facebook doesn’t know about. The e-mail asks me to look at Facebook photos. But I’d have to log in to Facebook. I ignore it.

The Facebook spokesman says scammers re-create e-mails that look like ones Facebook sends out. They might say that a friend has commented on your link or that you were tagged in a photo.

"We advise people to be careful when they’re clicking on e-mails, and especially links," Axten said. "And when they do click on a link, check the URL [Web address]. If it’s not www.Facebook.com and it’s something else, most likely it’s a phishing site. Be careful."

He suggests that when a friend claims to be in trouble, test the friend’s identity by asking key questions ("Where did we have lunch together last week?").

Looking for comments?

Join the discussion

The Star-Telegram is pleased to provide this opportunity for you to share your thoughts and observations about news topics. We enjoy lively debate on the issues of the day, but we ask that you refrain from using profanity, racist or hate speech, engaging in personal attacks or name-calling, posting advertising or external links or including remarks that are off topic. To post comments, you must be a registered user of Star-Telegram.com. Your username will show along with the comments you post. Thank you for taking the time to offer your thoughts.