The FBI has issued an alert notice about the growing number of attacks using Facebook.
The FBI’s IC3 online crime department sent out the warning today after an alarming increase in the use of hacked accounts to trick money out of people, typically by mailing friends with requests for money after a claimed robbery.
The bureau said that it has detected over 3,200 such attacks since it started monitoring and the numbers were rising sharply. Some people are losing thousands of dollars as they attempt to help friends in need.
Facebook has said that it is aware of the problems and is trying to find technical fixes to the issue ands is working with third parties to minimise the effectiveness of such attacks.
“On the technical side, we have improved a number of our automated systems to better handle this unique class of scam and are taking efforts to ensure that we adapt our response to the scam as it changes,” it said in a blog posting.
“At the same time, our security team is working with law enforcement and collaborating with email providers and other industry experts to identify and catch the criminals responsible. Western Union also is working closely with law enforcement on scams such as this one.”
Malware writers are also increasingly using hacked accounts to harvest data, distribute malware, and direct users to phishing sites, the alert warned. Once a PC is infected it can then go on to compromise the business or home network it is part of.
“Cyber thieves are also using spam to promote phishing sites, claiming a violation of the terms of service agreement or creating some other issue which needs to be resolved,” it said.
“Other spam entices users to download an application or view a video. Some of these messages appear to be sent from friends, giving the perception of legitimacy. Once the user responds to a phishing site, downloads an application, or clicks on a video link, the electronic device they’re using becomes infected.”
The FBI advises users to lock down privacy settings, limit your 'friends', and report any instances of hijacking immediately.