The Macrosite for News, Analysis and Opinion about the Future of the Internet
Craig Agranoff

Hacker: Facebook Riddled With Fake Accounts

Written by Craig Agranoff
5/5/2010 18 comments
DISCUSS     Email This

Verisign Inc. (Nasdaq: VRSN)'s iDefense Labs is reporting that a Russian hacker calling himself "kirllos" is offering Facebook accounts on the down-low. For just $25, you can get 1,000 login credentials for accounts with fewer than 10 friends each; or for $45, the same number of accounts with more than 10 friends.

Why so cheap? There are likely two reasons for the low price. First, the low friend counts probably point to most of the accounts being bogus scam accounts created by robots that then auto-troll for friends. Second, having access to the Facebook accounts and actually making money from them are two different things. Unlike email logins or credit card information, turning a Facebook account into scammed cash takes a little more effort and ingenuity -- much of which can't be automated, as can email scams.

In fact, according to Symantec Corp. (Nasdaq: SYMC)’s latest Internet Security Threat Report, email user names and passwords are going for up to $20 each. Credit card lists are often higher. Compare that to the 25 cents for a Facebook login.

The New York Times reports that kirllos has access to 1.5 million Facebook accounts -- nearly 1 in 300 of Facebook’s estimated total account tally.

Facebook denies this is possible and says that kirllos is well known as a big-mouth in the hacker community. When Facebook's own investigators attempted to purchase accounts from the hacker, they were never delivered the goods.

When this reporter attempted to contact Facebook for a direct reply about this hacker and VeriSign's report, no one could immediately respond.

Another source acknowledges the problem of fake accounts on social networks, not just Facebook. “There are tons of fake accounts on [Facebook], though [a] small percent compared to the numbers on Twitter. I'd guess under 5 percent are fake on Facebook versus 20 to 25 percent on Twitter,” states Brian Breslin, CEO of Web development firm Infinimedia, in an email.

He sees the issue as out of the site owners’ control: “Facebook itself is pretty clean of malware, however, they can't be responsible for the offer ecosystem that is built around the games. Third- and fourth-party ad networks are the ones who need to be held responsible for not screening their offers. Once they crack down on those networks, we'll see the malware evaporate.”

Some users on Facebook have been compromised before, and Facebook's own safety and security pages give the two most common types of account compromise: phishing and money transfers.

Phishing is a simple scam in which a hacker gains access to a user's account and then sends emails, messages, or other contacts to the account's friends, attempting to get them to click a link or otherwise visit a Website that will ask for personal information (likely a Facebook or payment service login). These work well, simply because most people believe the messages come from trusted friends.

Money transfer scams are more straightforward and are simple requests from the hacker (using the compromised account) to get money from friends.

Facebook's site says that they work hard to restore (rather than ban) compromised accounts, trying to detect how an account was compromised and re-securing it for the original user so all is not lost.

While the claims of kirllos may be exaggerated, it’s clear that social networking sites like Facebook and Twitter are often targets of attack. So protecting yourself is more than just keeping your PIN numbers hidden and not divulging your SSN through email. Nowadays, it takes a lot more vigilance.

"The usual stuff applies no matter where you are on the Web," says Raphael Caixeta, an independent Web developer and entrepreneur based in Florida. "Use passwords that aren't linked to other accounts, that do not have easy-to-guess words in them, and especially do not log into your accounts from public computers or over unsecured WiFi connections. Most importantly, only friend people you really know and do not follow links blindly just because one of your friends sent it to you. Look at the URL and make sure you know where you are going."

— Craig Agranoff is an entrepreneur and national social media consultant as well as a published specialist in online reputation management and monitoring.
DISCUSS     Email This
Current display:       newest comments first       display in chronological order
Page 1 of 2   Next >
Mr. Roques
Researcher
Tuesday May 11, 2010 10:46:35 AM
no ratings

Why would Facebook block people who are creating bogus accounts and selling them to scammers? ... hmmm! Let me think about it.

What I don't get is how do the scammers make money? After they buy a few accounts, they send private messages to their scamming websites?

Mashka
Researcher
Saturday May 8, 2010 2:25:33 PM
no ratings

Craig, i just do not get it.Why does somebody need data  of Facebook accounts and who will pay to get such information?

DavidSilversmith
Thinkernetter
Friday May 7, 2010 6:37:56 PM
no ratings

Geeks Create Accounts

Anybody who builds internal or web based systems that have authentication knows that there is an ugly secret hidden in your authenticaton file and that is all the test accounts you create.  Now, this may seem small, but multiply this to the thousands of developers writing applications for Facebook or integrations with Facebook.

Cheapskates Create Accounts

As businesses try to use Facebook to gain fans (or likers) they offer incentives.  Get a coupon for 50% off if you become a fan and three of your friends sign up.  A recent Facebook campaign from Breuggers bagels offered a free bagel with cream cheese.  Now, if you have three accounts that could be three free breakfasts.  And plenty of sites like Slickdeals.net publicize deals like this.

Now add in the hackers and you have fake accounts galore!

Amy Rogers Nazarov
Thinkernetter
Friday May 7, 2010 10:43:26 AM
no ratings

Craig, you quoted Brian Breslin of Infinimedia:

”Third- and fourth-party ad networks are the ones who need to be held responsible for not screening their offers. Once they crack down on those networks, we'll see the malware evaporate.”

Um... why would Facebook not just continue to turn a blind eye toward one of its only revenue sources? There's no incentive for 'em to "crack down on those networks."

Related to revenue, do you think a FB users pay to use would be a safer FB? It's probably just another rumor making the rounds, but that threat of $14.99 per month for FB access crops up time and again. As another poster said, 350 million users secures FB's place in cyberspace, even if a bunch drop off should FB decide to levy a fee-for-use. Some will yell and gnash teeth, but given some folks' dependence on the site, many will suck it up and fork it over.

Susan Fourtané
Thinkernetter
Friday May 7, 2010 6:47:16 AM
no ratings

After all the discussions on IE about Facebook's privacy management and hacked/fake accounts I got a surprise from Facebook. It seems like if you log in from a location which is too far from your regular log in location (a different state or country) Facebook asks you to confirm identity before letting you access your profile. I found it interesting. 

-Susan 

mtechie
IQ Crew
Thursday May 6, 2010 5:47:47 PM
no ratings

Oh yeah... that myspace thing.  It's pretty awful and still plenty of folks continue using it.  Good point.

pcharles
IQ Crew
Thursday May 6, 2010 5:22:02 PM
no ratings

I think alot of things will lead to a mass exodus on FB. It's not just the privacy, hacked accounts alone. I think there are so many things going on all at the same time on the site that you lose the simple, fun aspect that you had when you joined years ago.

rjacksix
IQ Crew
Thursday May 6, 2010 5:20:18 PM
no ratings

350 Million people don't go anywhere (or leave anywhere for that matter) quickly.  I think Facebook is here to stay.

 

(even MySpace is still kicking, right?)

mtechie
IQ Crew
Thursday May 6, 2010 4:34:54 PM
no ratings

Chris, do you think this type of activity combined with Facebook's most recent privacy updates will create a mass exodus from the service?

mehrab
Rank: Fire starter
Thursday May 6, 2010 11:52:34 AM
no ratings

It's a good advice. I think future incarnation of all browsers should implement this TweetDeck feature.

Page 1 of 2   Next >
The ThinkerNet does not reflect the views of TechWeb. The ThinkerNet is an informal means of communication to members and visitors of the Internet Evolution site. Individual authors are chosen by Internet Evolution to blog. Neither Internet Evolution nor TechWeb assume responsibility for comments, claims, or opinions made by authors and ThinkerNet bloggers. They are no substitute for your own research and should not be relied upon for trading or any other purpose.
previous posts from Craig Agranoff
Craig Agranoff
Craig Agranoff   6/10/2010   5 comments
Linden Lab , the San Francisco-based company that created virtual world Second Life, is in the midst of major restructuring. The vendor has laid off about 30 percent of an estimated 330 employees -- mostly overseas -- and is consolidating operations in its North American offices. Some employees in the firm's Seattle office were also let go.
Craig Agranoff
Craig Agranoff   6/10/2010   10 comments
The Veterans Health Administration/Office of Information Technology (VHA/OIT) held an Innovation Competition in which VA employees submitted ideas for improving veterans' healthcare with new or improved information technology. From the project, 26 ideas have been awarded funding for prototype testing and possible initiation within the VA's healthcare system.
Craig Agranoff
Craig Agranoff   6/8/2010   9 comments
Most people probably saw the story a few days ago in The Wall Street Journal, which was then picked up by nightly news and other outlets, about pharmacists using the Internet to improve hypertension control. Physicians and researchers, concerned about the high rate of uncontrolled hypertension among patients who are taking medication, decided to try a new method.
Craig Agranoff
A couple of questions arise now that Walmart is selling iPhones for $97: Will this move by Apple Inc. (Nasdaq: AAPL) to discount last-generation iPhones through Walmart help or hurt its perceived dominance as the leading-edge mobile tech company? And since most of the details of the new iPhone due out this month have already been released, thanks to a careless Apple employee, will the lower price at Walmart convince consumers that the next-generation is not really worth the $400 higher price tag?
Craig Agranoff
Craig Agranoff   5/25/2010   18 comments
Yahoo Inc. (Nasdaq: YHOO) has purchased an Indonesian Internet service provider and held a press conference with partner Nokia Corp. (NYSE: NOK) in what could be a herald of things to come for the once-prominent search giant.
5
of
Mary E. Shacklett
Doing Social Networking Right
3|19|12   |   2:31   |   9 comments

Companies are still getting their feet wet with social networking and what employees should and shouldn't broadcast. But they don't always involve HR and PR. Here's why they should, and what they risk when they don't.
Ann Cavoukian
Privacy Is Everyone's Responsibility
11|1|11   |   4:01   |   17 comments

Ontario's privacy commissioner offers advice to businesses and users for protecting privacy online.
Wisdom of the Big Chair
Big Brother Is Watching the Web
10|19|11   |   2:57   |   6 comments

The US government is funding controversial projects to collect daily Internet activity, including Web searches, Twitter messages, Facebook and blog posts, and the digital location trails generated by billions of cellphones. Its goal is to map these interactions to predict social behavior, such as protests.
Eben Moglen
Defining 'Freedom Boxes'
6|10|11   |   2:53   |   5 comments

Our online communications and privacy are being threatened by governments and corporations. Eben Moglen believes it's time for a People's Internet, made possible by "Freedom Boxes."
Beau Brendler
Skype Buy Should Come With Security Upgrade
5|12|11   |   1:19   |   3 comments

Skype's acquisition by Microsoft should speed up some long-needed security measures and help the company rise above the social networking risk level. Skype users faced an increasing onslaught of spammers and would-be fraudsters, while left with less-than-friendly means of setting privacy filters.
Second Shooter
Over-Sharers: Time to Be Afraid!
5|5|11   |   2:10   |   18 comments

WikiLeaks' founder says that Facebook is an instrument for government spying. Whether that's true or not, we're sharing too much, and we’re on the edge of compromising the notion of identity, and with it of privacy and commercial protection.
Second Shooter
In Nothing We Trust
11|19|10   |   02:09   |   10 comments

We think everything online is a scam these days. Facebook has ideas on how to establish trust on the Internet, but can anyone trust Facebook?
Rob Salkowitz
The Use & Abuse of BI
2|1|10   |   2:19   |   4 comments

Data mining of social networks means people might face unforeseen consequences as a result of their seemingly innocuous personal choices and associations.
Steve Saunders' Outernet
The Death of Anonymity: Part 3
Part 3 of 4   |   See complete series
10|28|09   |   1:35   |   4 comments

What can users today do to protect their online privacy? The simplest and most obvious option is to not use the Internet – at all. However, once all digital information is consolidated over the Internet, trying to protect digital identity by simply unplugging from the Internet becomes impossible – a fact that has manifest implications for civil liberties, Saunders says.
Steve Saunders' Outernet
The Death of Anonymity: Part 2
Part 2 of 4   |   See complete series
10|27|09   |   2:08   |   9 comments

By 2011 the number of Internet-connected sensors will exceed 1 trillion, making your chances of doing anything or going anywhere unnoticed pretty much zero. Saunders talks about how the 'sensortization' of the Internet is eliminating the traditional divide between online and offline populations.
IETV: the thinkerNet on film
5
of
John Kennedy
How Big-Data Is Changing Marketing
6|13|13   |   1:07   |   1 comment

Big-data and analytics tools enable marketers to understand customers as individuals, identifying unmet needs and addressing each customer as a "segment of one," says John Kennedy, VP corporate marketing, IBM.
Kim Davis
Big-Data Can’t Always Sell Wine
5|21|13   |   2:23   |   10 comments

Whole Foods Global Wine Purchaser Doug Bell told me about some of the constraints on using analytics in the US wine market.
Paul J. Fleuranges
Digital Signage Keeps NYC Subway Straphangers on Track
5|6|13   |   3:51   |   1 comment

New York's Metropolitan Transit Authority is conducting a pilot test of digital kiosks to guide subway users to where they want to go more efficiently and at lower cost.
Kim Davis
Fast Forward to the Future
4|23|13   |   2:29   |   20 comments

A look back at tech writing in the 90s makes us wonder where enterprise IT will be 20 years from now.
Mitch Wagner
Google Launches Its Most Depressing Service Yet
4|15|13   |   2:59   |   10 comments

Google's new Inactive Account Manager lets you control how Google disposes of your accounts when you die.
Second Shooter
Argument Over Top-Level Domains Is 'Stupid'
4|11|13   |   2:07   |   3 comments

The whole Amazon.reader debate is a double-stupid. It's stupid to think that there's any e-book buyer who doesn't know Amazon's URL, and it was stupider to let ICANN launch the whole free-form TLD initiative to start with.
Kim Davis
Ladies, Your Tablet Awaits
3|21|13   |   2:22   |   37 comments

ePad Femme is the world’s first tablet “made exclusively for women.”
Wisdom of the Big Chair
NFC Moves Into the Mainstream
3|20|13   |   2:16   |   No comments

While NFC's original goal was to enhance mobile commerce applications, it is finding its way into a number of other uses, which is creating both opportunity as well as challenges for IT departments.
Wisdom of the Big Chair
Integrating Security Into Your Cloud Contract
3|19|13   |   3:35   |   No comments

Enterprises would like to move to cloud computing but are hesitant because they are concerned about providers’ ability to secure company data. Here are some tips that help to ensure that if breaches occur, the business is not left holding the bag.
Brian Baron
How Edmunds.com Collects Customer Information
3|18|13   |   1:15   |   No comments

Edmunds separates customers into segments based on the info it collects on its site and from partners, and uses that to push out custom content, said Brian Baron, director of business analytics for Edmunds.com, at Predictive Analytics Innovation Summit.
2pm EDT
Fri
Jun 21st
an IBM information resource
sponsored content
big blue blog
Todd Watson
Todd Watson   6/18/2013   Post a comment
The IBM Smarter Commerce Global Summit in Monaco kicked into high gear today, and we've already begun to see news emerging from that lovely city-state by the sea.
an IBM information resource
sponsored content
Expert Integrated Systems: Changing the Experience & Economics of IT
In this e-book, we take an in-depth look at these expert integrated systems -- what they are, how they work, and how they have the potential to help CIOs achieve dramatic savings while restoring IT's role as business innovator.
READ THIS eBOOK
your weekly update of news, analysis, and
opinion from Internet Evolution - FREE!
REGISTER HERE
Wanted! Site Moderators
Internet Evolution is looking for a handful of readers to help moderate the message boards on our site – as well as engaging in high-IQ conversation with the industry mavens on our thinkerNet blogosphere. The job comes with various perks, bags of kudos, and GIANT bragging rights. Interested?

Please email: moderators@internetevolution.com
Internet Evolution – not for thickies
Taking a Dim View of Home Energy Management Tech
Mary E. Shacklett
Energy consumption is a primary contributor to global warming. At the end of 2012, 40 percent of energy consumption in the US came from commercial and residential buildings.
CLICK FOR MORE
Checklist for a Watertight Cloud Computing Contract
Charlotte Erdmann
Midsize businesses rarely achieve the same standards of security in their own datacenters as professional providers that specialize in delivering these services to organizations.
CLICK FOR MORE
Checklist for a Watertight Cloud Computing Contract
Charlotte Erdmann
Midsize businesses rarely achieve the same standards of security in their own datacenters as professional providers that specialize in delivering these services to organizations.
CLICK FOR MORE
IT's Time for PaaS Is Here
Jeff Kaplan
It was about 10 years ago when a new generation of software-as-a-service (SaaS) alternatives started to gain acceptance and adoption among organizations of all sizes. And it has only been about five years since Amazon Web Services captured the marketplace's attention with Amazon EC2 and Amazon S3, which opened the door to a vast array of infrastructure-as-a-service (IaaS) offerings. Now, the third piece of the cloud computing puzzle is beginning to win over organizations seeking to build their own apps: platform-as-a-service (PaaS).
CLICK FOR MORE
Checklist for a Watertight Cloud Computing Contract
Charlotte Erdmann
Midsize businesses rarely achieve the same standards of security in their own datacenters as professional providers that specialize in delivering these services to organizations.
CLICK FOR MORE
Checklist for a Watertight Cloud Computing Contract
Charlotte Erdmann
Midsize businesses rarely achieve the same standards of security in their own datacenters as professional providers that specialize in delivering these services to organizations.
CLICK FOR MORE
Amazon Revolutionizes Book Publishing
Mansur Hasib
The publishing world has long been controlled by powerful companies with high costs, barriers to access, restrictions on distribution, one-sided copyright ownership contracts, and lengthy delays in getting critical information and knowledge out to a broad audience. In this world it often seemed all but the most famous of authors controlled little while publishers controlled everything. In the academic community, the sad result has been an excessive price increase in the cost of textbooks. Technology is finally empowering authors.
CLICK FOR MORE