Credit Card Guide
 
Follow Us  twitter facebook You Tube Google+
 
Credit Cards > Credit Card News > Credit Cards General > Card Fraud Scheme Targets Facebook Users



 
 

Card Fraud Scheme Targets Facebook Users

 
By
February 7, 2013

tools
tools
email print comment
tools
SHARE

Facebook users may want to think twice before storing any sensitive personal or credit card information on Facebook-linked apps.

A recently publicized scam shows that, even if hackers can't steal stored credit card information directly from Facebook, they can use Facebook to vet potential victims — and attack later.

How the scam works
The scam was discovered and tracked over 2012 by IT security company ESET, which published its findings in January 2013. It does not involve criminals stealing credit card account information stored by Facebook. Instead, it's akin to a burglar casing your home to learn your habits and peering in your windows to see what you have to steal.

In the scam, hackers set up a botnet of more than 800 computers infected with a social engineering Trojan horse. Also referred to as the “PokerAgent” botnet, the malware network managed to steal the Facebook login credentials of more than 16,000 users. ┬áThe malware specifically targeted Facebook users playing Zynga Poker, one of the most popular online poker sites in the world, which offers a specialized Texas HoldEm Poker App for Facebook users.

“It's the first time we've seen hackers exploit Facebook itself for spreading malware,” says Cameron Camp, a security researcher with ESET. “The botnet was cleverly designed to spread pieces of malicious code between Facebook users.”

One of the ways the malware harvested Facebook users' login credentials was to infect victims' Facebook profiles with links to a phishing site. The link lured the victims' friends to a false Facebook home page, where hackers harvested their login information when they logged in to see their friend's “shared” link

Once the malware had harvested the Facebook credentials of users, it used them to log in and take a look at very specific information on the person relating to their Zynga poker activity. The goal? To target users with the most resources. Although the hackers couldn't get the actual full credit card numbers (Facebook displays only the last four digits), the details they could see were valuable in and of themselves.

“The malware harvests a complex combination of the victim's Zynga poker ranking, how many chips a person has and whether the person has any credit cards linked to his account,” Camp explains. “It's a way of finding victims that have something that might be worth stealing.”

Fraudsters could then either use the information gathered themselves, or more likely, bundle and sell it on the underground black market along with other stolen credit card data, says Camp. Either way, once the criminals had a hit list, they could later target those on it via email phishing and other techniques to get credit card numbers.

Protecting yourself
Should you be concerned? The PokerAgent Trojan horse targeted only users residing in Israel, and there have been no reports about U.S. activity. However, Camp warns that the malware is able to choose targets very precisely and, presumably, could just as easily be rolled out in any other number of geographic locations.

Facebook has already taken preventive measures to prevent future attacks. But still, Camp recommends, if you use Facebook apps requiring payment, never store credit card information in your Facebook settings. Instead, enter the payment information each time you purchase something.

In addition, when entering your login credentials on Facebook, always check the URL to make sure you're on the right site. If users infected by the PokerAgent malware had checked the URL before logging in, they would have quickly recognized that they were on a scam site rather than Facebook.

To further protect yourself against fraud, download the ESET Social Media Scanner, a free Facebook app, which will scan your user profile for the presence of phishing links and also detect malicious links that might be present on the timelines of your Facebook friends.


Share 
 
     

 
 

VIEW RELATED STORIES

What's so bad about car title loans? - If you're strapped for cash and thinking about taking a car title loan, consumer advocates say you should put on the brakes ...

What you should know about title loan buyouts - While you may feel trapped in a car title loan, a buyout could put you even further into debt ...

A chip in your credit card? Here's what to expect - In an effort to fight fraud, card companies in the U.S. will be issuing cards with chip technology. What does it mean for you?

ALL CREDIT CARD NEWS & ADVICE ARCHIVES >>

 
     

 
  If you are commenting using a Facebook account, your profile information may be displayed with your comment depending on your privacy settings. By leaving the ‘Post to Facebook’ box selected, your comment will be published to your Facebook profile in addition to the space below.
 
     


 
Secure SSL Technology
Secure SSL
Technology
 
Twitter Facebook You Tube Google+
About Us Privacy Policy Editorial Team Terms of Use
Contact Us California Privacy Rights Media Relations Site Map

Close X