Remember Tom from Myspace? If you’re too young to remember, he was the automatic first friend for anyone who registered to Myspace. Not only was he the first friend you had, he was a staple of every Myspace profile. The one common denominator for everyone on the network, tying all users together with a common friend, ensuring no one would be alone. Tom. What a guy.
It’s nice to reminisce over the days when that mild curiosity of a friend somehow ended up on your list of social media connections. As the internet matured and social networks moved from the fringe to a dominating aspect of life, something else happened. People began to take notice of the potential of the vast amounts of personal information we publicly, or semi-publicly store on our social media profiles. This information can include birthdays, full names, phone numbers, email addresses, physical addresses, and family photos with details of events in a certain time and place. In the hands of a complete stranger, this information can be… creepy.
Not only creepy, this information can be outright dangerous and threatening on more than one level. Let’s take a look at a few social profiles that have made the innocent mistake of putting too much information that can easily be snatched up by strangers. By the time you finish reading this, you’ll want to lock down your social media accounts like a pro and change your passwords frequently. Keep reading because it’s about to get a little rough.
What is a Fake Facebook Profile?
A fake Facebook profile is an account set up made to look like a real person, and there are roughly 81 million of them. They can vary in quality from downright awful and not fooling anyone to nearly impossible to tell apart from the real thing. Like most good social engineering techniques, they’re set up by people, not robots (yet), and can be used for more benign tasks such as marketing a product or business in places where a company Facebook page cannot reach, such as Facebook groups, which are reserved for personal profiles only. But they can get more sinister. “Facebook stalking” used to be a casual phrase college students used to check out their classmates and people they were interested in without overtly asking them. But for some people it didn’t (and still hasn’t) stopped there.
You don’t need to dig too deep for a story on the news about a perpetrator being arrested for stalking. As of March 11, Taylor Swift’s latest stalker is now behind bars. It’s not uncommon for the stalker to gather the phone number and pictures of a victim (or someone close to them) through Facebook. Then it gets even weirder. In the case of a Pennsylvania man who was obsessed with a woman he never dated, he created a fake profile in her boyfriend’s name in an attempt to distance the two of them, using pictures and his phone number, gathered from his profile. He pled guilty and the case is now closed, but the stories keep coming, and many aspects of personal details that were leaked can be avoided when you use caution on Facebook.
Fake profiles can also be used for intelligence gathering – on many levels. In October 2015, NBC News reported that ISIS sympathizers created a fake Facebook profile on behalf of a retired Colorado state trooper. The account was then used to befriend other law enforcement officers and gather intelligence. Because the account was created a day before being reported and taken down. But they’re not caught every time.
Hamas has also been called out for creating fake profiles with the purpose of befriending IDF soldiers, who receive requests from attractive, bikini-clad teenage girls. The connection allowed fake profiles to see updates from soldiers, and even join Facebook groups for soldiers. Occasionally, soldiers posted pictures of themselves gearing up for an operation, alerting Hamas of imminent movement and allowing them to prepare. The group took things a step further, chatting with soldiers and sending a link over Messenger that was actually a Trojan horse that would give the hackers control over the phones, sharing everything from GPS data, photos, text messages, to the ability to install additional apps on the phone.
Techniques behind fake Facebook profiles
Open a profile, don’t upload a picture at all, or if they do upload a picture, it’s an obvious stock image that’s already been recycled through the internet thousands of times. These don’t fool anyone, but sometimes they don’t even need to. We all know someone who accepts every friend request they get, and it gets annoying when their profiles get hacked, or you start getting friend requests from weird half-profiles with that particular friend in common.
Usually a young attractive female with a few scantily clad pictures and poses, a profile that’s been around from a few days from a few months, very few friends for someone who appears to be so popular, and most of those friends are all guys who don’t look like they’re happily married. It’s pretty clear early on that everything they assume about your lifestyle and tastes came from a mix between a rap video and Keeping Up With The Kardashians. But hey, not everyone cares, as long as this attractive person wants to be their friend. Who knows? They might even be real… *Clears throat, clicks “Accept friend request”
The profile appears to belong to a normal person, just like you, and not a photoshopped supermodel. It could be imitating a real person you actually know. Not only that, the profile has been around for a while, even several years, and has friends who also appear genuine. You may not know this person, but they look like they could be nice, so you click accept.
Dangers of accepting friend requests from fake profiles
Scammers and Phishers – If you made your profile assuming that all the information you placed there is private and will remain private forever, you make the perfect target for these fake profiles. Would you give your full name, date of birth, family photos and hobbies to a complete stranger? If you haven’t been careful, you might have already done so. Lock it down and change your passwords now.
Criminals and Terrorists – Do you work in law enforcement or the armed forces? You’re a target. A lot can be learned from scanning your profile, such as where you patrol, what you do, how alert you seem to be, and upcoming exciting news. Allowing profiles affiliated with criminal or terrorist organizations to view your profile gives them a window to your life and job. Keep your friends alive and stay smart. Purge your accounts of people you don’t know, and then lock down your accounts.
Steps to prevent falling for fake Facebook profiles
- Change your habits – Don’t accept every friend request without being skeptical. It’s okay to do this, no one who matters online will judge you.
- Inspect what you don’t expect.
- Report the fake profile – there’s even a button for it.