Hackers are now using fake Facebook accounts to attack other users! Here are four ways you can spot these impostors.
Facebook reported that more than 10 percent of its 2.3 billion user population are fake or duplicate accounts. These accounts are often built to promote new content or an identity separate from the real person. While this "fake Facebook" method is effective for business marketing or celebrity fan pages, hackers have recently invaded the system.
A new strategy is being used where hackers send malware via messages and emails. Attackers would "gain your trust" with a fake persona pretending to be a genuine user.
Fortunately, Malwarefox listed out four ways you use to spot fake Facebook accounts.
Four Ways to Spot a Bogus FB Account
4. Check the Profile Picture
Genuine accounts often use real photos for their picture. Be careful dealing with accounts that regularly change "faces" every week, pictures of celebrities, or no profile picture posted. To be certain that the profile photo is original, you can try using Google Image Search.
- Save the Profile Picture of your suspected account
- Open Google and click on the camera icon to "Search by Image."
- Upload the image and search
- If you see an image match, then this person obviously took their profile photo from the internet.
3. Read About Section
Facebook generally provides users' details in their "About" section. The more details are listed--like their address, school history, and personal achievement--the more it is likely the person is genuine. On the flip side, fake accounts won't go into personal details and would opt to use incomplete information, like putting their address simply as "New York" or their school as "Harvard University."
2. Check the Friend List
Genuine people would be connected with a lot of local people. This "Friends List" should be long, with a variety of different people. In contrast, fake accounts might target "specific people," like being friends with so many Saudi Arab Emirates people or similar industries.
1. Check the Name in URL and Profile
Upon creation, the Facebook account generates a unique URL to your account based on your provided name. In comparison, fake Facebook accounts might have different names and URLs because these accounts are hacked. Malicious attackers might have changed name and profile picture to throw off some suspicions in their account, but the URL will leak out on its first given user name.
Hackers Uses Fake Facebook Profile to Spread Malware
ZDNet recently reported that a cyberespionage campaign attempted to steal information from U.S. defense contractors using this fake Facebook account strategy.
TA456, also known as Tortoiseshell, campaigned a Facebook, Instagram, and email account for the fake persona "Marcella Flores." After 18 months of social engineering, this account befriended U.S. Defense contractors and sent them a OneDrive link containing a document or video file.
This file contained an updated version of Lideric malware, which aimed to steal sensitive information like username, passwords and personal credentials. No information was provided on whether the attack proved to be a success.
Facebook users could take extra security measures in protecting themselves by keeping in mind the keynotes on how to spot fake Facebook accounts.