Latest Facebook Scam: Phishers Hit Up “Friends” for Cash
by Jason Kincaid on January 20, 2009

One of the best things about Facebook is that you know who you’re dealing with. You’ve verified every friend connection and nearly everyone has a collection of personal photos proving they’re who they say they are. Now it looks like some scammers are using this trust to their advantage, hacking accounts and exploiting the wealth of personal information available to trick your friends into giving them cash. In the past Facebook has had its fair share of spam and phishers, but now it looks like these scammers are getting smarter by engaging in a form of identify theft.

Today we received a transcript from Rakesh Agrawal, President/CEO of SnapStream, that shows how the scammer dug through his friend Matt’s profile to learn about his wife and children. Fortunately, he didn’t do quite enough digging.

7:20am Matt:
whats up?

7:20am Rakesh:
Hi Matt
Everything OK?

7:21am Matt
well,im really stuck here in london
i had to visit a resort here in london and i got robbed at the hotel im staying

7:22am Rakesh
ack… that’s terrible. Sorry to hear it.

7:22am Matt
we just want some helo flying back home

7:23am Rakesh
So why are you stuck there?’

7:23am Matt
all my money to get a ticket back home got stolen

7:25am Rakesh
I didn’t understand this “we just want some helo flying back home”

7:25am Matt
actually i got some money wired to me to catch a flight back home
but we still need $800 more to complete our ticket fee and fly back home

7:26am Rakesh
Honestly, it sounds like someone’s hacked your Facebook account and is using it to defraud your friends.

7:26am Matt
i have the money in my checking acct,i cant just access it from here
this really me
Lauren is here with me
and my kids

7:28am Rakesh
your wife’s name is on your profile page

7:28am Matt
what about my kids name?

7:28am Rakesh
in photos?
how do we know each other? when did we meet?

7:29am Matt
from school

Rakesh writes that he does not know Matt “from school”, and that he was blocked as soon as the impostor realized he was on to him.

There’s really nothing Facebook can do about this from a technical standpoint – social engineering is essentially impossible to prevent once an account has been compromised. But an awareness program that emphasizes constant vigilance would be a good step: users need to remember that just because their friend’s smiling face is sitting next to the chat window, that doesn’t necessarily mean it’s them.


Comments rss icon

  • I had the same experience with a different “friend” pretty much the same story but smelled a rat.

    • Hahaha I actually just did a blog story for my television station about this. Was hacked, even though I am a good little boy, using Firefox, not downloading unknown files, etc…

      Check out my story, along with screenshots from some of his sent messages from my account, and how I was still able to connect to my Facebook account after it was compromised:


      • Hey Matt – this just happened to me yesterday. fortunately FB locked my page down after just a day – or the hackers disabled it when they gave up. How did you get your account back?? I’m really curious if I can get my page back. I would appreciate if you let me know – thanks!

  • This is a form of identity theft. serious stuff.

  • I had the same exact experience, London and all. I tried to post on my friend’s wall, but the phisher deleted my post and defriended me! lol

  • A couple a weeks ago there was some stranger that jumped into a small (but still open) network I built in Ning. And she started to connect to people and seemed to be a human, not a bot. But one of the people that had started conversing with her told me there was some kind of money-need coming up a little bit to fast to be taken seriously. So I kicked her out on the spot.

  • Had this happen to two people I know in the last week.

  • Props to Rakesh, seriously.

  • classic ATO really.. people do use very simple passwords, so there’s real surprise, nowadays, for such situations to occur.

  • These guys are getting really desperate.
    Yesterday, I received an email from a friend of mine who lives in Omaha, well, that’s what I first thought it was, see a copy of this email below; stating almost the same thing, as the above.

    When I first read that email, I was like, oh, maybe it’s real, and then I started looking at the header, and realized that it was sent to an “undisclosed emails”, plus the language in the email message didn’t seem right, and these were the key for me to instantly realize that it wasn’t him. They hacked his Hotmail account, and changed the password, now he’s locked out of his account, and he’s now wondering how he can get it back.

    I am not sure how he can get it back; I don’t have a Hotmail account.

    Below is the copy of the email I received yesterday, from those who hacked his account, using his email account.


    Flag this message

    Subject: I need your urgent assistance….

    From ############
    Monday, January 19, 2009 6:22 AM

    From: “############” View contact details
    To: undisclosed-recipients

    Hello,How are you doing today? I am sorry i didn’t inform you about my traveling to Europe for a program called “Empowering Youth to Fight Racism, HIV/AIDS, Poverty and Lack of Education, the program is taking place in three major countries in Europe which is Italy,Holland and London. It has been a very sad and bad moment for me, the present condition that i found myself is very hard for me to explain.

    I am stranded in London because I forgot my little bag in the Taxi where my money,passport, documents and other valuable things were kept on my way to the Hotel am staying, I am facing a hard time here because i have no money on me but fortunately got my ID with me. I am oweing a hotel bill of $1800 and they wanted me to pay the bill soon or else they will have to hand me over to the Hotel Management. I need this help from you promptly to help me back home, I need you to help me with the hotel bill and i will also need $700 to help feed and get myself back home .So please can you help me with a sum of $2,500 to sort out my problems here? I need this help so much and on time because i’m out of the little cash i had with me, Please understand how urgent i need your help.

    I am sending you this e-mail from the city Library, I will appreciate what so ever you can afford to send me for now and I promise to pay back your money as soon as i return home.

    Hope to hear from you soon. Although, the embassy here have promised to give me a covering travelling papers that i will need to have my way back home , all i need right now is the money to settle up the bills and leave

    Love -best wishes

    “Only a life lived for others is a life worth while.”
    Albert Einstein

    Windows Live™: Keep your life in sync. See how it works.

    • lol @ Einstein quote…

      but come on… these emails are so obviously fake…

      the conversation of Rakesh however seems more obtrusing… because most people will use ‘chat language’ not caring much about grammar… it is harder to filter out the bad language…

    • “Only a life lived for others is a life worth while.”
      Albert Einstein

      I bet somebody really stranded will coincidentally have this quote on his e mail.somebody who will help you does not need this much convincing.i guess these are desperate days

    • Well, for starters, London isn’t a country. I guess the geographical ignorance at least narrows down the hackers location to somewhere in the US.

    • If these scammers ever work out that we dont all talk and send emails like old fasion news readers then we will be in real trouble. They stand out easily now because they try to use such formal language. All one of these scammers needs to do is hire a 17 year old from the US or UK or something and we’re screwed!

  • They get the account through phoney e-mails. I received 4 e-mails in the past few days along that say “so-and-so commented on your status” or “sent you a message on facebook” and they contain fake links to login to facebook. That’s how they steal accounts. Never click on any links you get through e-mail.

  • So, it’s not clear whether Matt’s account had been compromised (someone hacked into it) or whether the phisher created a new account and pretended to be Matt. After all, it would be fairly simple to steal the thumbnail photo and most people just respond to chat without pulling up the profile.

    I’m thinking it’s the latter strategy, but could the author clarify?

  • Facebook’s response to this is pitiful. This happened to a friend over a week ago. Exact same scam about being in London. The hackers changed his pw and locked him out of his FB acct. Facebook’s response has been a joke, support is almost nonexistent and he still can’t access his FB account.

  • Heh. I don’t even loan money to my REAL friends.

  • Help, I have 4995 friends, and 362 requests to send money to London.

  • one has to use a certain amount of caution when posting and chatting on social nets

  • Yeah, serious props to Rakesh. This is so sad and scary. But seriously, if you’re gonna be a phisher, do some more research. What a poor attempt.

  • Anybody that knows me knows I’m broke as a joke.

  • This happened to me on Gmail last year. Someone hacked my account and sent the following email to numerous friends. Similar to above, they started engaging them through Google Talk.

    The main issue is, since Facebook and Gmail have little to no Customer Service or support, it takes over a week to have your account locked and reviewed (the hacker changes the password and locks you out). Your basically a couple weeks sorting this thing out…

    Gmail message below.


    How are you doing? Please i really don’t feel like disturbing with my little problem but i don’t have any other options rather than seeking for help from you,please try to understand.

    Actually,I travelled down to Nigeria but unfortunately for me,I was robbed by some street orchids while trying to get a cab back to my Hotel. Right now,I am stranded and so cashtrapped.I can’t even think straight now.

    With the little money I’ve on me,I have access only to email and worst is my mobile phone doesn’t work here. So I was thinking if you’d lend me the sum amount of $1500 to settle my hotel bills and other things please.

    I will pay you back as soon as I get back. I am so confused right now. you can have it sent directly to the Western union money transfer office down here. My passport is not with me. I am almost impatiently waiting for your reply.

    With regards.

    • The solution is to use different passwords for different services… especially when it comes to services as Gmail…

      I know that a lot of people will use the same password on a dozen of sites… and once one site has been exploited… he’ll get them all…

      Also don’t forget to distrust website owners also (many low-end sites will NOT encrypt passwords)… in combination with the email adress you’ve entered with your subscription… it is really easy to take over your account.

  • “There’s really nothing Facebook can do about this from a technical standpoint…impossible to prevent once an account has been compromised.”

    Facebook can definitely do something to stop accounts from being compromised. Offer strong auth – something more than a password. A lot of banks are doing it already. Quit being lazy.


  • Guys,

    this is really Matt. I am really stuck in London. what is this joke about the scam thing?

    can somebody please ask rakesh to wire me some money ? please ?

    • This is Rakesh.
      I humbly wish to solicit for your assistance in a business transaction.

      This business proposal I wish to intimate you of will be of mutual
      benefit to the both of us and its success is entirely based on mutual
      trust, cooperation and a high level of confidentiality.

      I am representing the board of the contract award and monitoring
      committee of the Zambian Ministry of Mining and Resources. I am seeking
      your assistance to enable me transfer the sum of US$15,000,000.00
      (Fifteen Million United States Dollars) into your private/company

      The fund came up as a result of a contract awarded and executed for and
      on behalf of my Ministry. The contract was supposed to be awarded to two
      foreign contractors to the tune of US$180,000,000.00 (One hundred and
      Eighty Million United States Dollars). But in the course of negotiation,
      the contract was awarded to a Bulgarian contractor at the cost of
      US$165,000,000.00 (One hundred and Sixty-Five Million United States
      Dollars) to our advantage unknown to the contractor. This contract has
      been satisfactorily executed and inspected as the Bulgarian firm is
      presently securing payment from my Ministry, where our Board is
      in-charge of all foreign contract payment approval.

      As a civil servant still in active government service, I am forbidden by
      law to operate an account outside the shores of Zambia. Hence this
      message to you seeking your assistance so as to enable me present your
      private/company account details (preferably an empty account) as a
      beneficiary of contractual claims alongside that of the Bulgarian
      contractor, to enable me transfer the difference of US$15,000,000.00
      (Fifteen Million United States Dollars) into your provided account.

      On actualization, the fund will be disbursed as stated below.
      1. 20% of the fund will be for you as beneficiary
      2. 80% of the fund will be for us.

      All logistics are in place and all modalities worked out for a smooth
      actualization of the transaction within the next few working days of
      commencement. For further details as to the workability of this
      transaction, please reach me as soon as possible for further

      Kindly expedite action, as we are behind schedule, to enable us include
      this transfer in the first batch which would constitute the first
      quarter payments for the 2009 financial year.

      Thank you and God bless as I await your urgent response.


  • FacebookIsAFreeService - January 20th, 2009 at 5:09 pm CST


    What do you expect from a free service.

  • Facebook needs to up thier security! There must be some sort of flagging system in place!


  • It seems like this kind of things happen regularly.

    I suppose that there is indeed nothing can be done by
    social engineering once the acc has been compromised, just like the situation metioned.

    All the site carrying user’s infomation will have this risk, such as alumni record site, SNS site, and so on.

    So, cling to your own account and keep being vigilant :)

  • This has been already happening in the UK. Old news really. Guess they decided to try the US.
    At least London is more believable than Lagos. If you wire money to a friend in Lagos, you really need to have your computer confiscated.

    If they are actually serious about real identities, facebook should employ some basic identity verification.

  • It’ll probably take ages for them to change their login verification. I heard about this one about a month or so ago and posted a link to the story in my status. Most people never even heard about it. If Facebook was serious about educating people to spot/prevent these scams, why not use the ads?

  • i wonder what these scammers can make per hour.

  • There is really no way to flag these jerks who scam others. New technology is just another tool, for good and for bad. People have to understand that.

  • This happened to me the other day and the Australian media outlets have been contacting me for comment.

    Have a read of the transcript (there is a pattern) and follow my advice if this ever happens to you

    I agree the only way to combat this is through awareness. It’s not Facebooks fault, although my friend who had her account compromised tells me how frustrating Facebook was in settling the situation.

  • I wanted to buy a car in Germany and the guy wanted me to send him the money only through Western Union which was susspicious…. i later found out this is a complete scam. but this was long ago. now i bet they are much more inventive :(

  • Seems, the scammer forget to use the facebookgrader (, twittergrader and other graders. I believe that day is not too far they will be able to create their hit list more easily.

    No fun intended, this is the risk of transparency… at some time there need to be balance between how much to keep personal information public.


  • A friend of mine totally had this happen to her the other day…
    As soon as she started asking questions and they person seemingly was getting them wrong they sort of freaked out at her.
    Such as button mashing and calling her “Bastardo”. It got more hostle when she started leaving comments and such everyone annoucing that the person was a hacker. Very comical but pretty deep for scam.
    People are gross.

  • Stupid Nigerian losers. I wish someone would just NUKE Nigeria. Problem solved!


  • Wow, this is scary.

  • If they can’t develop better security, maybe they should be renamed Phacebook.

  • As if anyone would actually fall for this though really. If your friend was stuck somewhere and needed $800, would they really ask you through your Facebook account?? It’s just common sense really…

  • I had the exact same experience occur right around the holidays. As soon as I began to question the person on how they knew me, it became evident that they were lying.

  • Seems to me the easiest way to protect yourself in these cases is to attempt to speak to your friend, face to face. Ask if you can call them or they can call you instead of chatting about it. A friend really in need will agree, a rat won’t.

    • Not necessarily, especially if both the hacked account and the potential scam-victim’s phone numbers are available. It is possible to spoof caller-id numbers.

  • Same thing happened to me… from an acquaintance that surely wouldn’t be asking me for money under normal circumstances:

    8:58amLeslie: You there?
    8:58amTamar: good morning :) :)
    8:58amLeslie: gud morning
    I need your help
    8:58amTamar: ok, hope i can be of help
    (how are you, btw?)
    8:59amLeslie: I’m stuck in london
    8:59amTamar: that doesn’t sound so bad! j/k
    need some info?
    I was mugged at gun point last night
    I was mugged at gun point last night
    8:59amTamar: what??
    9:00amLeslie: I need you to loan me a few bucks
    9:00amTamar: how
    9:00amLeslie: You can wire it to me as we speak
    9:01amTamar: you’re kidding, right?
    9:01amLeslie: I’m dead serious
    Its scary here
    9:01amTamar: why did you reach out to me?
    what were you doing in London?
    9:02amLeslie: came here for business
    9:03amTamar: sure… why did you reach out to me?
    9:03amLeslie: cos i feel you can help me
    9:03amTamar: why me?
    do u have access to your email account?
    9:04amLeslie: whjy do you ask
    9:04amTamar: so that i can confirm your identity.
    do people really fall for this?
    9:04amLeslie: How do you mean
    9:04amTamar: do you know how we met?
    that’s it? give up?
    9:06amLeslie: are you kiddinng wtf
    9:06amTamar: no. how did we meet?
    9:07amTamar: not sure how to respond? come on, easy question.
    9:09amLeslie is offline.

    I then attempted to warn her other friends by posting on her wall, and was promptly de-friended.

  • Great article. Thanks for the information.

  • This actually happened to me too.

    But we had some fun with it and i actually have our recorded conversations we had with him via skype.

    I have a copy for those interested. Just email me, might take a lil to respond since it’s my secondary email i use but i’ll get it to u.

  • To quote the late Johnny Carson “May the fleas of ten thousand camels infest their armpits”.

  • These sort of problems are inevitable if you are actively engaged online these days. I was trying to learn more about fishing and stumbled upon Worth a look IMO.

  • These type scams are common in dating sites and similar scams on ebay (bogus goods.) Making their way to Facebook is disgusting, but, I guess,inevitable.

  • This happened to me only moments ago. They hacked a friends account.
    Fortunately I know him well enough that the conversation didn’t make any sense.
    I asked for a phone number to call at, and the one they gave me was for a private residence. They were also unable to answer the most basic of questions as to how we knew each other.
    Once I busted them for a scam I was deleted and blocked as a friend also.

  • Check your Facebook Contact Settings!

    This scam just happened to me and my friends, and I wouldn’t have been any wiser had I not gotten SMS messages from them!! I was able to see a IM conversation as well as a email they sent I don’t check Facebook every day. What was weird was I could see these “Chats” on both my phone and computer. Thankfully my friends are skeptical!

    Check: Blocked/Deleted Friends- they deleted the ones that questioned.

    Status Updates: I updated 2x before it finally stuck!

    Contact Email info! They added a very similar email to my Facebook profile- changing only the domain to opera. This was made the defaul contact email!

    I have no idea how they did this, but I am going to run a virus scan on my computer- and disabled my Iphone till I figure this out. Thanks for the press coverage-my mother new it was a scam! My friends figured out it was.

  • Wow people really have no morals anymore!

  • This exact scam happened to me yesterday. Facebook’s response is ridiculous. They said I had to log in to my Facebook account to report the scam. When I pointed out to them that the cybercriminals had changed my password and taken it over therefore I couldn’t log in, they said that was just too bad. This means that they know their site is being used by criminals, exploiting their users and they choose not to act. This is inexcusable. They are just too lazy to find a fix.

  • This came to me tonight in an IM on facebook.

    Clear Chat History
    Couldn’t retrieve chat history
    Hello Jordan

    How are you ?

    im doing great man just got home from work

    long time no talk

    how have ya been


    Well im stuck here in london and i really need some help out

    in london?

    help with what?

    Yes…i had to visit a resort for vacation here in london and i got robbed at the hotel im staying


    that sucks.

    passports and everything taken?

    Well i still have my passport with me

    thats good

    But all my money and wallet got stolen at a gun point


    how long ago

    It really sucks here

    Two days ago now

    thats crazy

    so is all your money gone?

    I just really need some help with flying back home

    Yes….I just really need some money to complete my ticket fee now

    Can i ask for a favor ?

    you can ask for a favor…but im broke dude

    i have like 10 bucks to my name

    All i need is just $300 more

    if i had the money dude id give it to you in a heart beat.

    did you go to the police???

    Yes..But they can help me out


    Can you get me $100?

    I can get it from the ATM for you as soon as im back home

    dude i seriously have like 10 bucks to my name.

    i wish i could help bro…

    did you talk to your parents?

    you there???

    right now you are not only breaking federal law but you are in serious danger of going straight to hell. You do realize that don’t you?

    Your sins will find you out. God says everything will be shouted from the rooftops one day. What you have done is going to be seen by all on the day of judgment. You will not get away wtih this crime, I promise you.

    Shame on you, shame! Mike is a committed Christian and I am telling you the God he serves will not allow you to get away with this and GOD ALMIGHTY WILL TAKE VENGEANCE UPON YOU!!! Get ready because the weapon of the Lord is on it’s way to bring you down, man. Better brace for it. It’s headed your way.

    1:20amMichael is offline.


    A nice guy from @freitasm sent me this link and turn around my decision on finding ways on how to help my friend who was “mugged” in London.

    Here’s the full story and I hope this kind of BS will stop. I’m beginning to think Facebook isnt safe aynmore.

    Please read and be amused of how the guys tried to trick me today!

Leave Comment

Twitter Users
Enter your personal information in the form or sign in with your Twitter account by clicking the button below.

Commenting Options

Enter your personal information to the left, or sign in with your Facebook account by clicking the button below.

Alternatively, you can create an avatar that will appear whenever you leave a comment on a Gravatar-enabled blog.

Trackback URL
  • MediaTemple Logo
  • QuickSprout Logo
  • OpenX Logo
  • Cotendo Logo