Facebook users are being warned to be vigilant after it was revealed that Nigerian scammers are infiltrating user accounts in an attempt to extort thousands from “friends”.
Reports in the Sydney Morning Herald told of how Karina Wells of Sydney, Australia was approached by her “friend” Adrian, claiming to be stranded in Lagos, Nigeria and in need of $500 to pay for a return flight.
However, the message was sent by a would-be fraudster who had stolen Adrian’s Facebook account details via what is believed to be a separate phishing or malware attack.
The scammer instructed Wells to deposit the money in a Western Union money transfer account, but was foiled when Wells tricked them into disclosing further details.
Wells claimed that whilst the scammers used “relatively good English”, her suspicions were raised when the message used the term “cell” as opposed to the more common local term of “mobile phone”.
Wells continued in dialogue with the fraudster, obtaining further information, including their Western Union account numbers, before passing on details of the scam to the police.
“Naturally I was concerned as, to all intents and purposes, this seemed to be legitimate,” she told the Sydney Morning Herald.
“I pretended that I would help, obtained all the details of where he was and forwarded them to both Facebook and the relevant authorities.”
The scam, which is a variation of the common “419 scam” that is widely associated with Nigeria, is one of many currently being used to distribute malware or extort money via social networking sites such as Facebook, Myspace and Bebo.
Typically, the victim receives a Facebook message from a friend with a subject such as “LOL. You’ve been catched on hidden cam, yo” or “Nice dancing! Shouldn’t you be ashamed?”
The body of the message contains a video clip link that appears to go to a legitimate site such as Facebook or YouTube but, when clicked on, it takes the user to a bogus web page.
Before the users can play the video they are told they need to download a video player upgrade, which is in fact a password-stealing virus.
The stolen account details are then used to contact the user’s friends with requests for money, or to further distribute malicious software.
In September, security firm Websense reported on spam emails, seemingly sent from an @facebookmail.com address, that tell the victim they have received an invitation from Facebook to add a friend.