来者不尽是朋友英语阅读

Beware of false friends as fraudsters hack into Facebook

It's not just Barack Obama's campaign team that has learned to use Facebook to great effect. The popular social networking site is quickly becoming a favourite new haunt for online scammers.

Earlier this week, I received an e-mail from the online security specialists Sophos warning about a new phishing scam targeting Facebook users – call it the Nigerian 419 scam rewritten for the web 2.0 era. Hours later I noticed one of my Facebook contacts had fallen victim to the very same scam. His Facebook status read, "stranded in Lagos." Instructions followed: send money "urgently" to a Western Union, presumably in the heart of the Nigerian capital.

The fictitious message generated a few laughs from friends, and continues to do so today, probably because it seems such a lame attempt to use a lost trip to Lagos to shake someone down for money. It's hard to think anyone has a friend - on Facebook or in real life - gullible enough and solvent enough to fork out for a plane ticket home at a moment's notice. But that's the beauty of the so-called Nigerian 419 scammers: they're an unsinkable lot. They assume, rightly, there has to be at least one sucker among the 100 million-plus Facebook users who'll reach for their credit card no questions asked to help a "friend" in need.

The Facebook scam, according to Graham Cluley, from Sophos, works much like the traditional phishing scam, which remains a lucrative racket. "Hackers phish for Facebook passwords just like they phish for banking log-in details," he says. That means the Facebook user may have been tricked into entering a username and password into a bogus site, which diverted the information to the fraudsters. Similar scams are happening on MySpace and Twitter, Mr Cluley adds.

Facebook did warn about the rise of phishing attacks on the network in April, telling users to be wary of oddball wall posts, and reminding users to their web browsers and be conscious that Facebook does send e-mails asking people to respond with their log-in details.

Still, any network is only as safe as the weakest link. If a seemingly trusted friend is sending out distressing status updates or worse, enticing messages, there are bound to be a few of even the most discerning social networkers falling into the trap.

For example, just last week two other Facebook contacts sheepishly warned in their status bars that their accounts had been somehow hijacked and that spammers were sending out fictitious messages in their names. The warnings came a bit late. I had already been sent the dubious messages from the victims – or supposedly from them – urging me to check out something on another web site, something cool. I was a bit late in responding. By the time I had, the link had been flagged by Facebook as a potential fraud and disabled.

The recent spate of Facebook fraud attempts is inevitable, but still worrying. The con is always much more effective if it appears to come from a trusted source. And in this hyper-connected world our daily routine of adding new Facebook friends, MySpace mates and Twitter tag-alongs makes us a more enticing target for online fraudsters. The "laid up in Lagos" swindle may have failed this time, but that won't stop them from trying out something new next time.