Social media has changed the way cyber attacks take place. It isn’t uncommon for people to contact the Tahlequah Daily Press to complain about hackers when what they really mean is, their Facebook account has been cloned, or that they were solicited by a phishing scheme.
Jonathan Rader of Rader Computers explained the difference among cloning, phishing, and hacking. He said Facebook cloning is very easy – so easy a robot can do it. Cloning is when a person or a bot creates a Facebook account on behalf of someone else. They take public information available on Facebook, such as a name and a profile picture, and use it to create the account to trick others into giving them money.
“They look up random people on Facebook and … take your name and profile picture and make a new account so it looks like you. [Bots or people] look at your friends list and send your friends invites, and then a lot of your friends will forget they are already your friend or they’ll think you created a new account,” said Rader.
The bot or person will then contact a user’s friends, and in time, they will ask for money.
“You may think, ‘Oh, my friend is connecting with me, and they need money, so I need to help them out.’ They assume it is their friend in a time of need,” he said.
Cloning is most prevalent on Facebook, but some cloners send out emails pretending to be a user’s friend.
“I’ve had a customer who somehow a cloner got a hold of one of their friend’s address books. They got an email, and it was their friend’s email address, but it was off by one letter,” he said.
In the email, the cloner said he needed money for a child’s laptop and that he needed to be paid in iTunes gift cards.
Many Facebook users are accustomed to clones. Cloners make fake accounts because they are playing a numbers game. They know most users will recognize them for what they are, but if they can fool even one person out of 100 per day, they can make decent money.
“Sometimes they are trying to get hundreds of dollars, and sometimes they are trying to get thousands of dollars,” he said.
According to Rader, there isn’t much people can do to protect themselves from cloning. The best advice he gave was for users to adjust their Facebook settings to abscond their friends list. The default Facebook setting makes people appear searchable on Google and allows anyone to see their photos and friends list. With a few clicks, users can take ownership of who can see what in their profiles.
Hacking is less prevalent these days, particularly against individuals. Hacking is when someone tries to guess, or uses a computer software to guess, a password to a user’s account. The skill required to hack into someone else’s account makes the practice less common. Most hackers target larger companies and governments because they want a bigger return on their investment. Rader said individuals do get hacked every year, and the best way to prevent it from happening is to use complex passwords with symbols, numbers, and multiple words, or even just random characters.
Phishing is similar to cloning, but instead of imitating a person, the attacker poses as a company. Rader recently saw a scammer who posed as Amazon. The purpose was to get personal information by convincing them to update account information. The scammer can then use Social Security numbers or banking information to steal money.
“If you get an email from a company, such as Amazon, and they want you to call a number, instead of calling it, you can go to the actual website and call the support number and ask about it,” said Rader. “And remember, anything that is too good to be true, probably is.”