This caught my interest today.
Rakesh Agrawal, the CEO of SnapStream, a Texan software company, received a message on Facebook, supposedly from one of his friends - Matt Finkelstein. "Matt" told Rakesh that he was stranded in London, after he had his money and air tickets stolen and needed $800 to get home.
Fortunately, as you'll see in the transcript Rakesh published on his blog, he was suspicious and guessed that his friend's account had been broken into by a hacker.
Asking personal questions that only Matt or a close friend would know helped Rakesh uncover the truth, although it's clear that the scammer was able to derive some information (for instance, his wife's name) from the profile.
well,im really stuck here in london
i had to visit a resort here in london and i got robbed at the hotel im staying
ack... that's terrible. Sorry to hear it.
we just want some helo flying back home
So why are you stuck there?'
all my money to get a ticket back home got stolen
I didn't understand this "we just want some helo flying back home"
actually i got some money wired to me to catch a flight back home
but we still need $800 more to complete our ticket fee and fly back home
Honestly, it sounds like someone's hacked your Facebook account and is using it to defraud your friends.
i have the money in my checking acct,i cant just access it from here
this really me
Lauren is here with me
and my kids
your wife's name is on your profile page
what about my kids name?
how do we know each other? when did we meet?
I do not know this guy from "school"... So when I responded and he figured out that I was on to him, he blocked me, etc. I tried emailing Matt at his e-mail address, but who knows if that address was his real address or not...
Rakesh was right to be suspicious, but how many other people would fall for this kind of confidence trick?
Interestingly, we're hearing more and more reports of this kind of scam taking place on Facebook, suggesting that many people may not have taken proper care over securing their accounts and choosing a sensible password.