Tips for Recognizing Hacked Facebook Messages

Earlier today, I received the following message from a Facebook friend:

Eric,

There's this house i'm interested in. The Company selling it put it up on their online catalogue. Please i need your help, go through it and tell me what you think. Don't want to make any crazy decision.

www.facebook.com/l/MAQHc37TSAQG_1k9-Wamxt74jv4CvhYteFrESiRpC2wT5-Q/xoes.xxmn.com/remax/remax/index.htm

Thanks.

Looks innocuous, doesn't it...just a heartfelt plea for some friendly advice. In actuality, the message was sent from a hacked Facebook account and the link (which in the original message was clickable) no doubt leads to a malware-loading or phishing website. I didn't follow it to find out; feel free to test it yourself and let me know the result.

So, how did I know this message was bogus? After all, it came from a legitimate Facebook friend (whose identity I won't reveal), and it came via Facebook's legitimate message feature.

Let me share the process I went through to determine this was a message with a nefarious intent, and perhaps you'll find it useful in applying critical thinking to your social media activities.

First, I used some common sense to assess the validity of the content of the message itself. I know this friend well enough as a former co-worker to realize that he would never solicit advice from me regarding a new home purchase. He refers to "the Company" and that's a red flag since we haven't been co-workers for more than a decade and as far as I know he doesn't work for the CIA. He's also American, and would never spell "catalogue" that way. In other words, the request didn't pass the sniff test; it just smelled funny.

Then there's the hyperlink. It does contain the word "remax" which is a legitimate realtor...but that term doesn't show up as the primary web address. It's a directory located somewhere within something called xxmn.com, which I've never heard of and I'm pretty sure I don't want to know anything more about.

Given those two warning signs - an out-of-character message containing an obviously bogus hyperlink - I messaged my friend with a warning that his Facebook account may have been hacked, and deleted the message.

However, it's not exactly that simple. Instead of replying via email to the message I received from Facebook, I went to my own Facebook account, clicked on the Friends link, found the sender's link, went to his Facebook wall, and messaged him from there. Why? Because, out of an abundance of caution, I was avoiding the possibility that the real danger of that message was not necessarily in the bogus hyperlink it contained, but in the email itself.  For all I knew, someone was spoofing Facebook's email address and my replying to it would have opened me up to additional harrassment. (I'm being a bit overdramatic in this regard, because it was actually pretty simple to confirm that the email was sent legitimately through the Facebook messaging system. If you don't know how to do this, use the circuitous-but-safe route I just described.)

I think Facebook has gone a long way in closing security holes, but there's one that will never disappear completely: the lax/uninformed/non-cautious user. As long as bad guys can access legitimate user accounts, they'll continue to generate social media malfeasance. So, use a strong password (you do what that means, don't you?) and change it regularly and don't put it on a sticky note on your monitor and don't let your kids login into your account. We'll all be happier as result.

About this Entry

This page contains a single entry by Eric published on September 1, 2012 8:38 PM.

Dining fit for a Mogul at the Shahi Tandoor was the previous entry in this blog.

Drill Site Scenes is the next entry in this blog.

Archives Index