BBB Warns: Facebook Users Fall Victim to Impersonators Posing as Family Members

August 05, 2013
Columbus, OH – August 5, 2013 - Better Business Bureau is warning Central Ohio consumers that your Facebook friends could actually be hackers impersonating family and friends to trick you out of your money.

Facebook users now reach almost 700 million, creating a virtual playground for scammers to target the unsuspecting user. BBB reports the most malicious and elaborate scam works to steal your friend’s identity to trick you out of your money.

One local victim reported to BBB that she did not question a family member who convinced her she had won $200,000 through a Facebook lottery promotion. The con artist convincingly set up a three way online exchange with a fictitious organization “Deaf and Hard Hearing Commission Worldwide” and arranged for the victim to wire transfer hundreds of dollars for fees to claim her winnings.

“I was contacted by a family member through a Facebook chat and the rest has been a nightmare for me. I have been trying to figure out how to pay my bills…I feel so embarrassed“.

“While some scams on Facebook are obvious and easy to avoid, others are malicious and easy to fall for,” said Joan Coughlin, BBB Vice President of Public Relations. “Despite Facebook's security features, determined con artists seem to find new ways to get at unsuspecting users. Safe social networking rests in the user's own hands,” Coughlin said.

All too often we read about some new hacking scheme or spam attack striking Facebook users. While the social network constantly works to strengthen its’ security features, it's important to know what to do in case your account is compromised.

9 tips for recovering from Facebook scams and hacks:

Change Your Password -If you have fallen victim to a phishing scheme or another hack attack, it's likely that someone else has obtained your password and is using it to access your account. You'll need to change your login credentials ASAP. Visit Facebook's Account Settings to do this. Remember, don't reuse passwords on different accounts and the more complex the password, the safer you'll be.

Secure Your Account -If you believe someone has gained access to your Facebook profile and is posting unauthorized content in your name, Facebook's Roadblock tool can help verify your identity and secure your account against the spammer

Enable Log in Approvals - One of Facebook's new security features will implement a two-step login process the first time your account is accessed from an unfamiliar device. If you enable this feature, Facebook will send a verification text to your mobile device before allowing access from the new location.

Clean Out Your Apps -When you approve a normal app, you "allow" the app access to your profile, trusting that the developers will post only updates about your in-app activities. However, spammers will use this open door to take over your profile. If you fell for a rogue app and mistakenly clicked "Allow," or if you notice excessive activity on your account, you should edit your list of apps and remove any suspicious ones.

Delete Spam Messages and Alerts -As soon as you can, delete spam posts from your wall and Facebook inbox. The fewer there are, the less likely you or your friends will be to click on them.
Edit Your Interests - If you were tricked into "Liking" a scam, you'll need to edit your interests on your profile and remove any links to spam sites you may have acquired.

Notify Facebook - If you suspect your account has been compromised, you can alert Facebook through several channels. To report privacy breaches, you can direct reports to If a scammer gained access to your account password via phishing attack, you can fill out Facebook's phishing report. Facebook also provides a separate form for reporting a malicious link or website.

Scan Your Computer for Malware- Facebook recommends that you scan your computer hard drive for malicious software that could potentially tap into your profile again. If you don't have an antivirus app, Facebook suggests using a free trial of McAfee.

Immediately End the Facebook Session - If you've entered a line of malicious code into your browser and believe that someone has taken control of your profile and is in the process of spamming your friends, log out of Facebook to stop the attack. One of Facebook's new security features may also notify you of suspicious activity on your account, such as excessive "Likes" or posts.

BBB Offers advice for Staying safe on social networking sites:

1. If a “friend” or “family” member is asking you to wire money, users should attempt to contact their friend outside of the social networking site to confirm the situation.
2. Users should always make sure their computer’s operating system and antivirus and firewall software are up to date.
3. Keep private information private.
4. Consider it a red flag if you are asked to pay anything to receive your winnings - You should never ever pay if the prize is legitimate.
5. Be selective when choosing friends.