Dire Warning to Facebook Users Regarding Nigerian Hackers
.jpeg)
(Click the blue links in this article. They contain well-sourced info on the scams described here & how to avoid them).
Imagine you're going about your day & get a call from an unfamiliar number. Distracted, you pick it up and tend to it like usual. Nothing seems out of place but, when you check your bank balance, it's missing $220,000. That's what happened to the man in the 60 Minutes Australia report below. Scammers drained every cent from his business & personal accounts with just 10 transactions in a matter of minutes according to the bank, who said they couldn't get it back because it was quickly converted to cryptocurrency--a common tactic among scammers. Another woman lost over $90,000 the same way. They never received a single warning from their bank's notification system that these huge withdrawals were made. (I can't embed the video for some obnoxious reason so here's the link to Youtube):
https://www.youtube.com/watch?v=3BYHITiAGVU
60 Minutes Australia: Scamdemic 2023
Welcome to the world of modern scamming.
Indeed, 2023 is Year of the Facebook Scamdemic. What do these phone scammers have to do with Facebook you ask? Plenty, and we'll get to that later. There are countless examples of Facebook users being permanently locked out of their accounts by Nigerian hackers who gain access via sophisticated phishing scams & then change the password, email & phone number associated with the account. This is also happening to a lesser extent on other social media sites but Facebook seems to be the most heavily affected. Even celebrities are falling victim. THERE IS GENERALLY NO WAY TO RECOVER YOUR ACCOUNT ONCE THIS HAPPENS.
 |
| Rap artist Caine lost his 40k-follower Instagram page to hackers |
While having your social media accounts hijacked by criminals is frustrating, their ultimate goal is to gain access to your financial accounts & identity. That's shockingly easy to do once they have your password, security question answer (like mother's maiden name) or a snippet of you saying "yes" on a phone call. More on that below.
Most cybernauts don't realize these scammers already have everything they need to steal your identity or gain access to your financial accounts except for 1 or 2 minor details. They begin by gathering bits & pieces of your personal data from Facebook, Instagram, LinkedIn, Twitter, Tiktok, Youtube & other social media or dating sites. Don't have all those "other" social media accounts? No problem: All it takes is a quick Google search to access the juicy stuff: your physical address, phone number, the names of everyone who lives with you. (Seriously, try it now. Google your full name. Put it in "quotation marks" for best results & add your current city & state, (i.e. "Jane Marie Doe" Houston TX). I'll wait. ⏸
...horrifying, hunh? Even if you can't find much, I guarantee these professional criminals can with enough time & determination.
Data brokering sites like Radaris and hundreds of others sell your information to anyone for a nominal fee. These sites reveal everything from your age, criminal history & political party to your last 30+ years of phone numbers, where you got your education & everyone living with you. Some post the info for free for all to see. Opting out is a lengthy process & many sites (probably half) don't allow it.
Phone-y Business
Speaking of phone numbers: If you've ever answered a call from an unknown number & spoken to someone asking "Can you hear me?" or another yes/no question that you assumed was a telemarketer with a bad connection, you've been contacted by a dangerous scammer in this same type of network. They likely got your number via a corporate data breach that was then leaked to the Dark Web along w/ other sensitive information. Now all they need is your voice saying "yes" or words that sound like it to impersonate you to lenders, banks or other financial institutions. This allows them to open lines of credit in your name, take out loans or even drain your business or savings accounts. That's if you don't give the $$$ to them willingly via romance scams, phishing attacks or sextortion schemes on social media. Criminals can do all kinds of unsavory things with just your phone number as this article shows.
Nobody's Immune
AI... dark web... phishing... cryptocurrency. If these terms are like Greek to you, you're not alone. Thankfully you don't need to be a tech genius to protect yourself against these clever cons. Read on to find out some steps you can take right now to increase your online and real-life security that don't cost a dime.
If you believe you're immune to this kind of thing; that Facebook will protect you or that your bank or the U.S. gov't will help get your $$$ back should you lose it all to these scumsuckers, you couldn't be more wrong. Stories of hardworking people losing their life-savings to cunning criminals pour in from Canada, the U.S., Australia, England & every other developed nation not daily but hourly. (Seriously, go back to the top of this article & watch the 60 Minutes Australia video. There are many more like it, sadly). These criminals are organized & can do things like spoofing your phone number to your friends or even imitating your voice with pitch perfection!
And as the linked examples above show, it's not only senior citizens who are vulnerable. While adults over 65 are still the hardest hit by these scams (upwards of 50% of those over 65 believe they have been victim of some kind of scam), these crimes are increasing across the board. Do not be so stubborn & cocky you hand over your nest egg or your kids' inheritance because you refuse to see the writing on the wall. Even if you only do one of these things per day, it's better than doing nothing.
Here's a list of steps to help protect yourself. It's easy but can be tedious for non-tech minded people, so take it at your own pace but resolve to complete the list:
Find all your Facebook settings here
Change these 3 settings right now: In your Facebook Settings > Privacy, change all of these to 'No' or 'Only me': "Who can look me up with the email address I provided?" "Who can look me up with the telephone # I provided?" and "Do you want search engines outside Facebook to link to your profile?" This will close a giant gaping security hole in your page if it exists.
Hide your friend list from non-friends. This removes one layer of access to your social circle, making it harder for scammers to guess revealing details about you or get them directly from loved ones. This setting can be found in Settings > Privacy > Who can see your friends list?
STOP ADDING STRANGERS AS FRIENDS. I don't care where you met them (gaming, chat, marketplace, a group or page, etc) or how sincere they seem, if you don't know them in real life or have multiple common real-life friends, DO. NOT. ADD. The risk outweighs any marginal reward.
Clean up your friend list NOW. Delete anyone you don't know or haven't met IRL. This might take a few minutes but will be well worth it. See any duplicate accounts in there? Talk to your friend offline & have them verify which one is their most recent or real account then delete the others. Cloned accounts are a common scammer tactic & you don't want them having access to your private info.
Turn off the "follower" option. While it might be okay for pages & businesses, you don't need strangers following you on your personal profile. Turn this off in Settings > Public posts > Who can follow me.
Stop doing Facebook quizzes/questionnaires. Go back and revoke permissions to any 3rd party apps you've accepted in the past. This is huge & has implications that go way beyond Facebook. 3rd party apps like these quizzes can be created by anyone including hackers who use slick questions to guess your passwords/login questions on other sites. Again, this might be tedious but needs to happen if you're serious about protecting your privacy. You don't need to know which 18th Century Lord or Lady is your Spirit Animal anyway. (Find all your apps in Settings > Apps & Websites).
STOP ANSWERING CALLS FROM UNFAMILIAR NUMBERS. All they need is a word or two, usually "yes" or something that sounds like it, to impersonate you to financial institutions & rob you blind. This isn't the only phone scam either. Many older people who grew up using landline phones view calls as urgent situations that must be tended to but with caller ID, voicemail, texting & other inventions, we now have the luxury of screening our calls and should take full advantage of that. If it's urgent they'll leave a message or call back. These aren't telemarketers & you can't simply tell them to put you on a "no-call" list: they are organized criminals in giant warehouses in countries like Pakistan, India, Philippines, Jamaica & Nigeria who have everything they need to ruin you financially except one or two minor details: that's why they're calling.
Never enter personal info after clicking a link on Facebook. Though the site may look legit, entering info like your credit card or phone number on any page that opens after clicking a link that takes you away from Facebook, Instagram or another social media site is risky. Fake coupon code scams, phishing attacks, malware/spyware & phony fundraisers are just some of the possible outcomes of going to a "2nd location" via a Facebook link. As an added safety measure, always check the URL in your browser to make sure a site is secure (i.e. HTTPS not HTTP) and contains the correct address (Amazon.com, not Annazon.com) before entering sensitive data or making a purchase.
Change your privacy settings so only friends can post on your wall. Scammers will spew long flattering comments under your posts on other pages to gain your trust & get you to add them as friends if your settings don't allow everyone to send you requests. If you're seeing these posts on your own wall though, you need to upgrade your privacy settings stat.
When you allow non-friends to see all the things posted by others on your wall, you're giving them access to your whole social circle, which they can use to find out sensitive info like your your mother's maiden name or your hometown--a possible entry point into your online accounts. And if your friends are less privacy-savvy than you, they might be able to obtain even MORE damning info from them (about you). This can be done by going to "Settings > Profile & tagging > Who can post on my profile? > Friends"
 |
| Look familiar? These are Nigerian scammer accounts. |
Check which posts you have set to "Public". Go to your profile & look at the little icon under each of your own posts. Those that are set to Public will have the "
 |
| View As = on right hand side of your profile on PC |
Report cloned accounts. Go to the Facebook search bar (upper left hand side on PC/laptop) & type in your name exactly as it appears on your own profile. See any others with the same name using YOUR pictures or that have your friends added? Report them ASAP by hitting the "Report Account" button. These accounts are used by criminals to trick your real friends into sharing info or money with them while masquerading as you. They can even spoof your real phone number to make it appear it's you calling! Grandparent Scams are one common form of "cloned account" fraud.
Contrary to popular belief, these people have not "hacked" your account, they've simply copy/pasted your public photos into a new account. This is one reason it's so important to be careful what you share to "Public." Profile & background photos will always be public, so you'll want to avoid putting children in them, showing off expensive items or sharing vacation pictures (cruises, beach pics, etc). Refer to the AARP post at the end of this article on "Grandparent Scams" for why this is a bad idea.
Wait until AFTER vacation to share your pics or discuss your trip. Again, the Grandparent scam thing is relevant here but this also gives hometown criminals a green light to burglarize your home or, in rare cases, allows local predators to track & harm you. Rapper PnB Rock was murdered by a local criminal in a robbery gone wrong after checking in to a LA Roscoe's Chicken & Waffles on Instagram.
Change your password every 6 months & consider using 2-factor authentication. Set a reminder if necessary & don't use something obvious like your child or pet's name. Keep your passwords in a folder or notebook if you have a hard time remembering them. Just be sure to switch it up & don't use the same password across different websites--this is the big one that allows criminals to take over multiple accounts at once should they gain access to one of them.
Never, EVER leave a social media site to chat with someone or give them your phone # for any reason. You've heard the warning not to go to a second location with a kidnapper? Same thing here: Do not go to another chat platform or website with someone you meet on Facebook or Instagram. Even if they claim to be a friend who needs help "recovering their account". This is a scam. Do not video chat with a Facebooker because they're likely trying to record your face to scam all YOUR friends. If your friend claims to need help or money, go visit them in person or call from a blocked number. Social media is no longer a safe place to discuss such matters (and probably never was). And it should go without saying, but never send money to anyone online unless you're buying something from a reputable business.
Talk to your bank representative in person & ask what their policies are to protect you from online fraud. Specifically, the kind where criminals quickly convert the funds to cryptocurrency like that described in the 60 Minutes report. Write down any safety tips they give & consider switching banks or withdrawing some of your $$$ if their answers aren't reassuring.
Damage Control
If a criminal does take over one of your online accounts, immediately remove all your debit/credit cards from all online sites & change all your passwords. With access to only one site they can easily guess your password reset questions (i.e. mother's maiden name, childhood best friend) & lock you out of ALL your online accounts from Netflix to social media to banking, shopping (Walmart, Amazon) & bill pay sites like your cable & electric provider. Worst case scenario, call & cancel your cards & try to dispute the charges. Sadly this doesn't always work. Do not count on your bank's notification system to alert you to this type of fraud. As the 60 Minutes report showed, these criminals have found ways to bypass that system.
The bad news: Once you've fallen for an online or phone scam or responded to them AT ALL, they put you on a "sucker list" that sets you up for more messages/calls. The best reply is no reply. Mocking them, cursing them out or other "clever" replies only gives them more opportunities to record you saying something that sounds like "yes" or whatever their latest scam is. And the techniques are constantly evolving. This is a multi-billion dollar per year industry. And you're not getting that account or money back once it's gone so DO NOT ENGAGE is the best course of action.
As with phone calls, don't open spammy emails from unfamiliar senders. Run malware scans on your device regularly (Malwarebytes is still good for laptops/desktop) & don't connect to open wi-fi networks in public places like book stores. Your wi-fi connection should have a little padlock next to it showing it's secure. Viruses, malware, spyware & other sneaky methods of gaining access to your device are another tactic these scammers employ & your anti-virus software is likely doing more harm than good. If you download an antivirus or malware program, only do so from the program's official website (again, look at the URL).
In general, a laptop or desktop computer is more secure than a phone for conducting banking or other financial business. Apps are prone to major privacy breaches & phones offer reduced functionality overall compared to a computer with a full-size keyboard & screen. Because we take them everywhere, phones track our movements in a way laptops/PC's don't, therefore they should be reserved for less "official" tasks like recreational websurfing whenever possible.
The good news: You can avoid being the victim of cybercrime by observing some basic "don't engage" & "be skeptical" rules with the internet & phone. When in doubt, do not answer that call or private message on social media. Don't click that spammy link in your email or buy something from that shady website. If it sounds too good to be true, it is. Take a few seconds to Google anything that seems questionable or confusing, and read customer reviews--preferably on another unaffiliated site--before using a new product/service/online vendor.
When it comes to romance scammers, bad grammar is a dead giveaway as is overly lovey-dovey language. (Follow Scam Haters United on Facebook for endless examples of Nigerian romance scammers). Stay up to date on the latest scams on AARP.com's Money section & check out the FBI's list of common scams & how you can protect yourself below. Most importantly, remember that new scams are constantly being cooked up so your knowledge of them must evolve too.
The bottom line: We're well past the point where relying on passive measures (bank alerts, security questions w/ easily guessable answers & reporting things to Facebook after the fact) will keep our accounts, both social & financial, safe. Sites like TikTok & Facebook are free to the user which means you're the product--they're not going to help or reimburse you if you have a bad experience. Scam victims like the ones in the "60 Minutes" report are no longer an unlucky anomaly, and the U.S. media's silence is deafening.
Facebook is doing next to nothing about the Nigerian scammer problem just as they did nothing about the disinformation problem during the 2020 election/pandemic. Corporations aren't people & don't have ethics or social responsibility. Those that claim to are merely pandering. Their only responsibility is to shareholders to whom they promised increased profits. This problem started with Reagan & his "small government" ideology but has been enabled by every politician since regardless of party affiliation. Until our regulators get some cojones, platforms like Facebook & Twitter will continue to passively side with scammers, bots & disinformation peddlers. As will banks & other institutions. We're on our own.
I'd go so far as to say that if you're not willing to stay up to date on the latest scams & modify your behavior accordingly, you shouldn't have social media or dating accounts at all. The risk to yourself & your loved ones just isn't worth it. Don't believe me? Just look at all the posts from desperate, scared people in the 2nd paragraph of this article. These criminals have driven people to suicide in extreme instances. 2023 will forever be remembered as the year when Nigerian/Ghanaian scammers took over & AI turned Facebook to a ghost town.
If you STILL aren't convinced, see the charming pics of the gentlemen at the very end of this article proudly posing with the ill-gotten gains they stole from people just like you: the young & hardworking, the elderly & goodhearted, the disabled, veterans, pensioners and so on. Unlike drug dealers who sell a desired (if illegal) product in exchange for money, they're stealing from people via deceptive con tricks while giving nothing in return except heartache. Just because they do it over the internet rather than with a gun to your back doesn't make them any better. They're lower than scum and they're PROUD of what they do. And there's plenty more where they came from.
Let's see if we can get this post to go viral on the major social media sites before the year is up. (Copy/paste the url at the top of the page into your status update box on Facebook, Twitter, etc. or link to it directly on your blog). The more of your friends that see it, the better protected YOU will be. Who knows how many identities & bank accounts could be saved if more people knew these basic but rarely talked about privacy tips?
https://www.youtube.com/watch?v=jxTsI5XvM-c
Scams & Safety on the Internet (FBI):
https://www.fbi.gov/how-we-can-help-you/safety-resources/scams-and-safety/on-the-internet
Common Scams & Crimes (FBI):
.jpeg)
Comments
Post a Comment