Scam of the day – May 5, 2017 – 10 Concerts I’ve been to Facebook scam

Facebook is very popular with the general public and anything popular with the general public becomes a popular platform for scammers.  I have written about many Facebook scams over the years, but the latest one is particularly dangerous because it appears so innocuous.  It comes up on your Facebook page under the headline “10 Concerts, but there is one act that I haven’t seen live.  Which is it?”  While this may appear harmless, the information you provide may tell more about you than the person who appears to be posting it.  It may provide information about your approximate age and preferences in music which can then be used by a scammer to send you a phishing email tailored to appeal to your particular interests that you may trust and click on a link contained in the email that contains either keystroke logging malware that can be used to steal your identity or ransomware.


We all tend to put too much personal information on social media that can be exploited by scammers and identity thieves to our detriment.  However, if you, as many people do, find this game and other similar games to be fun to play, you may want to just adjust your privacy setting to “friends only” so that you limit who gets to see your answers.

Scam of the day – June 24, 2013 – Facebook data leak

Facebook has just announced that through a technical flaw that first started over a year ago, the telephone numbers and email addresses of six  million of its users were improperly provided to other Facebook users who downloaded contact data of their “friends.”  In and of itself, this dos not create a problem and Facebook was quick to point out that there presently is no indications that the information has been used for purposes of identity theft or the specialized form of phishing called “spear phishing” where identity thieves are able to more effectively lure their victims to websites tainted with dangerous malware that can be used to steal personal information from the victim’s computer or portable device.  In spear phishing, people are more apt to believe the phony email that starts the scam because it is directed to them by name and appears to be from a company with which they do business.  The problem is many faceted.  Many people accept too many other people as their “friends” on Facebook without even really knowing these people who in many instances are identity thieves and scam artists out to exploit their Facebook connection with their victims.  Additional personal information such as telephone numbers and email addresses can be used by identity thieves to help steal their victim’s identity .   Just as troubling is the fact that this situation once again shows that your personal information is only as safe as the person or company with the worst security measures that has your information.


In general, you should try to limit, as much as possible, the number of places that have personal information about you.  If someone with whom you do business wants to use your Social Security number as an identifying number, you should propose to them that they use another number, such as your driver’s license number instead of your Social Security number.  In particular, as to Facebook, you should limit the amount of personal information that you provide.  Information such as your birthday or the name of your pet can put you in jeopardy as to identity theft or guessing your passwords.  For more detailed instructions as to how to protect your privacy and security on Facebook, check out my book “50 Ways to Protect Your Identity in a Digital Age.”