The publication of stolen personal Facebook data is expected to lead to an increase in phishing scams and online fraud – and experts say it’s ‘extremely likely’ your phone number is included if you have an account.
The data – which includes phone numbers, names, location details, birthdates, email addresses, relationship statuses and bios of 533 million Facebook accounts from 106 countries – was stolen in 2019 when the social media giant did a security upgrade.
But the data was dumped for free in a hacker forum over the Easter long weekend – including the details of 7,320,478 Australian Facebook users.
Even if you did not have a phone number visible on your Facebook account, the data can still be traced because in many cases it is used in the ‘back end’ if you need to quickly reset your password.
‘This means that if you have a Facebook account, it is extremely likely the phone number used for the account was leaked,’ tweeted Alon Gal, Chief Technology Officer for cybercrime company Hudson Rock.
It is understood Facebook founder Mark Zuckerberg’s own personal details were leaked.
Zuckerberg’s name, location and marriage information, date of birth and Facebook user ID were published on the hacker forum.
Experts say the data publication will almost certainly lead to increases in various cybercrimes – criminals looking to scam, defraud or steal money via not just websites but also email, text messages and even phone calls.
A common approach tactic is when someone contacts an unsuspecting member of the public asking them to verify their identity by clicking on a link.
‘These types of phishing attempts remain the most recurrent type of scam in Australia, and so individuals should always be wary of any communication whether that is in the form of email, text message, social media, or via a phone call, from someone they do not recognise,’ Crispin Kerr, vice president of cyber security firm Proofpoint told the Australian Financial Review.
While Facebook did not leak the data, experts blame it for not adequately securing people’s personal information.
‘I have yet to see Facebook acknowledging this absolute negligence of your data,’ Mr Gal said.
A Facebook spokesman said in a statement to DailyMail.com: ‘This is old data that was previously reported on in 2019. We found and fixed this issue in August 2019.’
‘Facebook knew about this in 2019, but at the time the data was very very hard to get a hold of,’ Josh Lemon, a digital forensics expert from Ankura told the AFR.
But that changed when a user in a hacking forum tried to sell the data in January, and at Easter when the entire database of stolen Facebook personal data was posted on the same website for free.
Mr Lemon said the release of data could prove very serious if criminals or stalkers attempted to track someone who was under protection.
What is a ‘phishing’ scam?
Phishing scams are attempts by scammers to trick you into giving out personal information such as:
How do they work?
A scammer contacts you pretending to be from a real business such a bank, telephone or internet provider.
You could contacted by email, social media, phone call, or text message.
What might the scammer ask?
For you to provide or confirm your personal details.
They could claim your bank or is verifying customer records due to a technical error.
They might even offer you a prize to fill out a survey.
The scammer may already have your credit card number and ask you to confirm your identity by quoting your 3 or 4 digit security code. Do NOT do this.
What to do if you have been scammed?
If you think you have provided your account details to a scammer, contact your bank or financial institution immediately.
Find more information here
Source: Thanks msn.com