Facebook Stung By Social Media ID Theft

By Robert Siciliano, ID Theft Expert and Security Consultant to Intelius.com

Imagine trying to log into your online accounts one after the other and being locked out.

At first you think the site you are visiting screwed up but then it keeps happening over and over again no matter where you go.

Then you start receiving messages from friends and family asking you why you are behaving so freakishly online.

This is what happened to Matasha Allen as described in the Eastern Michigan Universitys Eastern Echo.

Allen, 28, was a substitute teacher at the time, teaching music as well as elementary classes. Her only outlet to the Internet was limited to libraries and public computer labs, where she would check her accounts, look through e-mail and stay in touch with friends on Facebook. It was during one of these trips to the computers that it happened, Allen deduced. She thinks her Facebook account wasn’t completely logged off, or the computer didn’t log out. However it happened, someone found their way onto Allen’s accounts and took complete control.

“Social media is built on the honor system. There are no checks and balances to prove who is who. Anyone can pose as you and blog as you. This makes for social media identity theft,” said Robert Siciliano, a security consultant for Intelius.com and a speaker on preventing identity theft.

“The problem with social media identity theft is that when it takes over your account, all the people that you communicate with within your account may believe the identity thief is you. And when that identity thief begins to ask for money, from your friends and from your family and your coworkers, then they may actually pull money out of their pocket and send it via Western Union to the imposter. They think that you’ve actually come into the trouble that the identity thief is saying you’re in.”

In Allen’s case, her identity theft didn’t escalate to the thief asking for money from friends, but the thief was malicious. Messages were sent to friends and family, using profanity and insults. One of the incidents Allen related was toward an organization focusing on eliminating poverty in children. The identity thief sent the organization a message reading, “I hate children. I hope they all starve.

1. Steer clear of public computers whenever possible, or at least not accessing accounts or sites that require passwords.
2. If you use a public PC get a USB drive that has a built in browser that allows you to surf securely
3. No matter what PC you use to access accounts always log out when your are done
4. Register your name at as many social media sites as possible. Use Knowem.com to do it for you.

Protect your identity. Get a credit freeze. Go to ConsumersUnion.org and follow the steps for your particular state. This is an absolutely necessary tool to secure your credit. In most cases, it prevents new accounts from being opened in your name. This makes your Social Security number useless to a potential identity thief.

Invest in Intelius identity theft protection and prevention. Not all forms of identity theft protection can be prevented, but identity theft protection services can dramatically reduce your risk. (Disclosures)

* * *

Stay Informed With ISR News Alerts:

Email:

by FeedBurner

* * *

Robert Siciliano is an expert on personal security and identity theft as the CEO of IDTheftSecurity.com. An American television news correspondent, security analyst, and author of “The Safety Minute: How to take control of your personal security and prevent fraud”. Featured on the The Today Show, CBS Early Show, CNN, MSNBC, FOX, CNBC, Inside Edition, EXTRA, Tyra Banks, Stern, and in USA Today, Forbes, Tech Republic, SC, CSO, Search Security, Tech News World, EWeek, SecurityInfoWatch, NY Times, Boston Globe, LA Times, Wash Post, Chicago Tribune, AP, UPI, Reuters, and Entrepreneur.

The Publisher gives permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author and to Information-Security-Resources.com

Filed under: Breach, D&O Liability, FEATURE ARTICLE, Financial, Insider Threat, Robert Siciliano, Sarbanes-Oxley, Uncategorized, due diligence, hackers, identity-theft, malware, national security, privacy 

Comments

• ISR Headline Index

  • When Social Networking Clashes with Security
  • Spam Block: Public Servants or Vigilantes?
  • Sticky Situations in Social Media
  • Quick Tips for Using Secure Shell
  • Consolidate Compliance With Open Source
  • DoS Attack Reveals Widespread Vulnerabilities
  • Study Shows Employees Put Data at Risk
  • Tracking Google’s Script Kiddie Hackers
  • Newbie Introduction to Digital Forensics Part 2
  • Simple Log Review Checklist Released
  • Press F1 for Help? Microsoft Zero Day Threat!
  • A Newbie’s Introduction to Digital Forensics
  • Security Best Practice: Trust But Verify…
  • Google, Adobe, and Big Oil Under Attack!
  • Building your OWN Malware Lab (Part 2)

• Recent Comments

  • Ryan Aslett on Data Loss Prevention Has Jumped the Shark
  • Tom on (Lack Of) Encryption and The HITECH Act
  • ADMIN on Patriot Hacker Hits Jihad With DDoS Attacks
  • Robert Siciliano on Data Loss Prevention Has Jumped the Shark
  • Karen J. Cox on Data Loss Prevention Has Jumped the Shark
  • Scot McLeod on Outsourcing Breach Response Lowers Costs
  • John Marke on Gartner Tells CIOs to Embrace Social Media
  • Social Engineering and Enterprise Security | CIO – Blogs and … | Enterprise Engineering Addict on Gartner Tells CIOs to Embrace Social Media
  • From Russia, With Smartphones on Top 8 Social Media Security Threats
  • Judith Hoffman on Scam Alert: Rogue Gmail Account Phishing
• 
  

  Information Security Resources

  Top network security blogs

• Categories

  • Anthony M. Freed (26)
  • Bill Brenner (2)
  • Bob Violino (1)
  • Bozidar Spirovski (23)
  • Breach (540)
  • Britt Womelsdorf (5)
  • By Dr. InfoSec (2)
  • Cara Garretson (7)
  • CCCNews (1)
  • Chorey Taylor & Feil (8)
  • Christophe Veltsos (2)
  • Christopher Burgess (7)
  • CIOZone (26)
  • Class Action Lawsuit (111)
  • Cloud computing (109)
  • Coby Royer (5)
  • CTO Forum (9)
  • D&O Liability (597)
  • Daniel Wallace (5)
  • Danny Lieberman (11)
  • DataLine (10)
  • David Alexander (2)
  • Derek Crawford (1)
  • Doug Pollack (7)
  • due diligence (306)
  • Fame Foundry (1)
  • FEATURE ARTICLE (428)
  • Financial (583)
  • Fred Leland (7)
  • Gene Kim (3)
  • Government (369)
  • Greg George (5)
  • H1N1 (15)
  • hackers (535)
  • healthcare (130)
  • Heather Bourgoin (1)
  • HomeATM (8)
  • identity-theft (531)
  • IDExperts (17)
  • Ike Z. Devji (1)
  • Infosec Island Network (34)
  • Insider Threat (486)
  • Internet Crime Complaint Center (1)
  • Internet Security Alliance (67)
  • ISR News (321)
  • Jacqueline Herships (2)
  • Jenni Hesterman (3)
  • John M. Salomon (2)
  • John Watkins (7)
  • John-Patrick Skaar (2)
  • Kaliber Data Security and Compliance Consultants (3)
  • Kat Sanders (2)
  • Ken Leeser (3)
  • Kevin L. Jackson (10)
  • Kevin M. Nixon (21)
  • Larry Ketchersid (1)
  • Laton McCartney (7)
  • Lauren Taylor (1)
  • Linda McGlasson (1)
  • malware (497)
  • Mark Smail (1)
  • Mark Wright (1)
  • Mel Duvall (3)
  • Michael Eggebrecht (3)
  • Michael Lohr (1)
  • Michael O'Conner (4)
  • MicroSolved (1)
  • Mike Duncan (3)
  • Mike Meikle (4)
  • Mike Spinney (1)
  • Military (207)
  • national security (449)
  • PCI (304)
  • PCI Security Standards Council (32)
  • Physical Security (11)
  • privacy (548)
  • Rachel James (10)
  • reach (7)
  • Rebecca Herold (16)
  • Richard Stiennon (44)
  • Robert Siciliano (34)
  • Sarbanes-Oxley (498)
  • ScamStop (2)
  • Sean Wilkins (2)
  • Semyon Dukach (1)
  • Simon Heron (14)
  • Software Associates (11)
  • Steven Fox (19)
  • SUPERAntiSpyware (3)
  • Sybase (6)
  • Symplified (5)
  • The Jester (8)
  • The Privacy Professor (16)
  • Thomas R. Fox (8)
  • Tom Groenfeldt (2)
  • Tom McLain (2)
  • Trefis (14)
  • Tripwire (18)
  • Uncategorized (621)
  • virtualization (97)
  • Webcast (49)