Don’t worry, I’m not looking for detailed instructions.
I’m hearing this second-hand, so I may not have the full accurate story. However: apparently my cousin’s fiance discovered that someone had stolen his business’s debit card data via facebook and used it to make 18 payments of $318 each (?!) on Facebook.
As far as I know, this sounds like B.S. Not that I suspect either the fiance or my cousin is lying, just that either one or both of 'em has the wrong idea about what happened. I don’t see how someone’s debit card info would be accessible via Facebook (unless the fiance had given Facebook his debit card info in order to purchase ads… which, knowing what little I do about his business, doesn’t seem likely. Facebook users aren’t his target audience).
Also what the hell could you spend nearly $6,000 on Facebook in the first place? I know some stores have storefronts/catalogs on Facebook, but wouldn’t any money from sales go to them, not to Facebook?
Any ideas? Sorry for the lack of info; I’m waiting to get the full story from the fiance before I can figure this out*, so I just hoped maybe someone had heard a similar tale.
Not that it’s really any of my business, but I do have a web design client who uses Facebook fairly extensively, including ad purchases, so I’m interested in how such a scam/ID theft might have occured.
P.S. Just got info from my cousin: most of the charges have been reversed by the credit card co., so that’s a relief. But I still wanna know just how this might have happened.
Ah, yes, that’s a good point. In which case surely it would be easy to trace, wouldn’t it? At least, the ads would be connected to a FB account, and ditto the game perks.
Huh. At first I was like, “wait, Facebook has gold accounts now?” But obviously not. Wow. I’d never heard of that scam before, thanks tellyworth.
I’ll try to find out from the fiance if he was able to identify what the charges were for. I still don’t understand how anyone could get someone else’s CC info from Facebook, unless he was the one who accidentally got phished. But I doubt it – he’s pretty net savvy and not the type to go for this sorta thing. (Plus I don’t even think he has an active FB account.)
Was his facebook password the same as the password to any other service (gmail, yahoo, LinkedIn, etc.) that he uses? He could simply have been hacked by carelessly reusing passwords and having someone steal his password from another system.
I hope he has changed all his passwords for all systems he uses, just in case.
Thanks, those are good questions. Honestly I’d be surprised if he wasn’t already pretty secure–he’s devised computer software for his business (and sells it to a specific industry) and unless it’s one of those “the cobbler’s kids always go barefoot” things, I can’t imagine he’d be this unaware of basic online security measures.
But I probably shouldn’t say more until I find out more details. Obviously something got screwed up somewhere along the line. I’d think it more likely that it was his business partner’s laxity that caused the problem rather than him.
