Monday, June 16, 2014

Come Into My Facebook Page Said The Dressmaker To The Hacker

Hacking is not all that sophisticated in every instance. The easiest way for a hacker to get into your accounts is by having you let him/her in (usually it's him so let's make this simple). He knocks and you open.

That is how Justin Brown lost control of his Facebook page, where his clients would come to find out about his services and then contact him for fashion design and apparel.

Mr. Brown was wondering if he was reaching his target audience so he contacted Facebook. An e-mail came back to him with instructions on altering his page settings, and he thought it was Facebook trying to fix his problem. As it turned out, the hacker sent him a scam e-mail that appeared to have come from Facebook, the resemblance sufficient to fool Mr. Brown into believing it was real.

He did as directed, making the required changes to his settings, and the next thing he knew, he no longer controlled the page.

Everything he had set up on Facebook to attract clients was suddenly turned into a pornography site, with links to sex videos. Thousands of euro worth of advertising to bring traffic to his page was instead bringing traffic to a hacked page that did not lead to increased business for Mr. Brown. It was money down the drain, with no customers coming in to bring a return on  the advertising investment.

Naturally, everyone who tried to get through to the dressmaker via Facebook could not contact him, and as they knew no other way to contact him than via Facebook, Mr. Brown lost clients. Then there would be those who thought Mr. Brown was not legitimate while the page was, and he lost out on potential clients who would have been upset at being sent to a sex site when they were looking for clothes. For over two weeks he was essentially out of business, without a place in social media to act as his storefront.

The hacker is not making any money off the hacking, which is clearly intended to disrupt a man's life and ruin his business on a lark. The hacker hacked because he could, and so he did, and if an innocent man is hurt, well, it's all great fun isn't it.

Facebook was of little help to Mr. Brown, but then again, so many phishing scams are launched at the website that the administrators are hard-pressed to handle them all. Besides phishing, you'll get disgruntled ex-spouses or former lovers looking to cause trouble, and how can you prove you're not a hacker yourself when you lodge a complaint with Facebook about a hacking?

The social media site can do little more than issue guidance to its users, warning them of phishing scams and suggesting ways to determine if an e-mail is real or not.

Mr. Brown has regained control of his page after contacting a newspaper which in turn contacted Facebook. He will be more cynical in the future, more aware of the dangers of taking things at face value because that is how the hackers operate.

It's a question of looking for the right clues, of always being suspicious and verifying the source of an e-mail before opening it. Trust, but verify? Or is trust gone when it comes to the Internet?

No comments: