Council of Better Business Bureaus ®
New Wave of Phishing Scams Uses Facebook Info for Personalized Spam
January 29, 2013

Check your privacy settings. Scammers are tapping into the personal data available through Facebook, Google+ and LinkedIn to pose as your friends in fraudulent emails. Watch out for these personalized scam messages and take steps to prevent them.

How the Scam Works: 

You receive an email that appears to be sent by a friend or family member. The message addresses you by name, but the content is strange. Usually, it's just a link to a website. If you click on it, you could end up downloading malware to your computer.

What's going on here? The scammers are exploiting the fact that you're more likely to click on a link if it was sent by a friend.

Scammers find your information through Facebook or other social media accounts. Some set up fake accounts and send out friend requests. When you accept the request, they can view your friends and personal and contact information. Other scammers rely on social media users not locking down their privacy settings, so basic information, such as your name, email address and friends' names, is publicly available.

How to Protect Your Facebook Account from Spammers:

  • Review your security settings. Check out Facebook's information on setting your privacy settings to be sure you aren't sharing personal information with strangers. Facebook also has information on what can be found publicly in search engines.
  • Don't accept Facebook friend requests from unknown people.
  • Report scam profiles and other suspicious activity to Facebook by following Facebook's reporting instructions.
  • Consider enabling login notifications, so you will know when someone uses a new device to access your account.
  • When accessing Facebook from public wi-fi in places like hotels and airports, text "otp" to 32665 to receive a one-time password to your account.

What to do if You Receive a Suspicious Email: 

  • Don't click on strange links, even if they're from friends. Notify the person who sent you the email if you see something suspicious.
  • Check the "header" field. Even though a friend's name is in the "from" field, spam email won't be from their email address, so compare the address shown with the one your friend actually uses.
  • If you click the link, be sure to run a virus scan on your computer.
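The header check described above can be automated. The following is an added example, not part of the original BBB alert: it parses a message's From header and flags mail where a known friend's name appears with an address you have never seen them use. The address book, names, addresses and sample messages are all constructed for illustration.

```python
from email import message_from_string, policy

# Constructed address book: friend's display name -> addresses they really use.
KNOWN_CONTACTS = {
    "alice example": {"alice@example.com"},
    "bob example": {"bob@example.org", "bob.work@example.net"},
}

def check_sender(raw_message, contacts=KNOWN_CONTACTS):
    """Classify the From header of a raw message.

    Returns (verdict, display_name, address) where verdict is:
      "known"    - friend's name with an address on file for them
      "mismatch" - friend's name, but an address that is not theirs
      "unknown"  - name not in the address book (or no From header)
    """
    # policy.default decodes RFC 2047 encoded names, so an encoded
    # display name is compared in its readable form.
    msg = message_from_string(raw_message, policy=policy.default)
    header = msg["From"]
    if header is None or not header.addresses:
        return ("unknown", "", "")
    sender = header.addresses[0]
    name = sender.display_name
    addr = sender.addr_spec.lower()
    key = " ".join(name.lower().split())  # normalise case and spacing
    if key not in contacts:
        return ("unknown", name, addr)
    verdict = "known" if addr in contacts[key] else "mismatch"
    return (verdict, name, addr)

# Constructed sample messages.
SAMPLES = {
    "genuine": "From: Alice Example <alice@example.com>\n"
               "Subject: lunch\n\nSee you at noon.\n",
    "spoofed": "From: Alice Example <promo@mailer.invalid>\n"
               "Subject: hi\n\nhttp://link.invalid/\n",
    "encoded": "From: =?UTF-8?Q?Bob_Example?= <news@mailer.invalid>\n"
               "Subject: hi\n\nhttp://link.invalid/\n",
    "stranger": "From: Carol Sample <carol@example.com>\n"
                "Subject: hello\n\nHi there.\n",
}

if __name__ == "__main__":
    for label, raw in SAMPLES.items():
        print(label, check_sender(raw))
```

A "mismatch" result is the case the alert describes: the friend's name is in the From field, but the address behind it is not theirs.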

For More Information

Visit Facebook's privacy section for more information about protecting your account.

To find out more about scams, check out the new BBB Scam Stopper.