10 likes | 31 Views
Social media has some great advantages, such as keeping in touch with loved ones and sharing experiences with friends, but like almost anything on the internet, it can be easily abused. With some creative thinking and a little luck on the side, it is possible for it to be used as a vehicle to steal money from unwitting victims.
E N D
Could your social media account be spoofed, why would anybody do it, and what can you do to avoid having a doppelgänger? Social media has some great advantages, such as keeping in touch with loved ones and sharing experiences with friends, but like almost anything on the internet, it can be easily abused. With some creative thinking and a little luck on the side, it is possible for it to be used as a vehicle to steal money from unwitting victims. I had heard stories of account cloning, but I always assumed people would check with the account holder via another form of communication or at least think twice before sending money to an account they only recently connected with. Sadly, people are still being caught out with this scam and I want to help reach those who may be unaware of how the con works. As with all my ways of getting a security message across, I needed to conduct a little experiment to test this scam in the real world and see first-hand the ease with which it can work. It’s easier to get your message across about the risks when they’re shown a real example of the scam working and then they want to better protect their accounts and themselves. All I needed was a volunteer who would be willing to allow me to set up a cloned account and then attempt to dupe their friends. However, wow am I quickly running out of friends to con! I looked far and wide, but no one wanted to play ball on this one. Therefore, having failed to find someone happy for me to clone their account for the test, I decided I would have to clone my own Instagram. I follow nearly 900 accounts on Instagram and I am usually posting the same old seascape photos or pictures of me prancing around at the beach to my 1,400 followers. I decided to make a new account on my spare phone and took four screenshot copies rather than uploading the originals to make it as authentic as possible just like someone else would have done it. It was easy to duplicate these images but the only thing that could have been a difficulty is that when copying the profile picture, it would have needed to have been posted in the feed to make a quality replica. I decided to follow 30 of my friends to see if they would follow me back and let the experiment instagram private account photos begin. Ten were private accounts, therefore they required approval, and 20 were public accounts. Within moments I had three private account owners accept my request and two followed me back. This was a good start. I was expecting someone to contact me via a different communication method and question this request, particularly due to my line of work and the embarrassment that I could have been subjected to, understanding that even I am susceptible to an account compromise! But no one did. In fact, the numbers increased. Thirteen accounts followed me back on the same day and by the evening I decided to message these people and see what sort of responses I would receive. Initially, I mentioned the account compromise and thanked them for accepting the new follow request and then went in with a request to catch up.