Trust. Its a very important thing between friends. It’s the glue that holds these things together. This hasn’t changed in hundreds, even thousands of years. What has changed over the same amount of time is how we communicate. For the longest of this, we have communicated through ink and parchment. Since that we have figured out how to send electrical pulses through copper wire resulting in communication tools such as the telegraph and telephone. From there we moved our communications from analog to digital and began communicating over the internet.
For each of these forms of communication, there has been a way to verify the source of the message. Wax seals, secret phrases, voice recognition, even facial recognition. For the same amount of time, people have been attempting to replicate these forms of authentication for their own purposes.
Today’s preferred method for family and friends to communicate over distance is Facebook. Like all the other methods of communication, there are people that want to intercept and replace communications for their own reasons and/or gains. These people will attempt to use your name on Facebook to use the trust between you and your friends to achieve whatever gains they think they can get.
- The first method commonly used is hacking your account. Generally this is done by you using a simple password, or the same password across multiple accounts and one of those other sites were compromised. They then log into your account and share links for websites that are less than reputable.
- The second method is a little more sly. You’ll come across a story through Facebook. You’ll click on it to read the story with the sensational headline and it will ask you to essentially log in using Facebook. This is actually a Facebook application requesting permissions from you. One of these permissions is posting on your behalf. Whenever the offender feels like it, they can use their application to share a post via your account. If your friends do not know what to look for they can easily mistake this for a post that is genuinely from you. As mentioned before the trust is used to get your friends to click on links that under other circumstances they typically wouldn’t.
- The third method requires a little more time investment but doesn’t require any hacking or applications. In this scenario the person wanting to gain access to your friends trust simply creates a new account using your name and profile picture. These things along with your friends list are all publicly visible with no method on your behalf to change that. After they have created the new account they simply go down the list requesting to be friends to build a clientele of sorts. Generally your friends assume or some reason that your friendship was disconnected or you’ve decided to move on to a new profile for some reason or another and accept. after all that is your name and profile picture.
There are methods for preventing these things from happening. I’ll be happy to share them with you.
- First and foremost, use a secure password. Your password should use letters (both capital and lower case), numbers and symbols. You should use at least 8 characters. The more the better but most websites have an upper limit between 16 and 32. Its best if this password is something that is hard to remember. For this reason you should most likely use some sort of password management software such as LastPass or 1Password. On top of this, you should use Two Factor Authentications (abbreviated 2FA). This allows you to use a one time password that typically is a random set of 6 numbers that changes every 20 seconds or so. Facebook has a built in authenticator app that you can use from a mobile device or another computer that you are already logged into. Personally I’m not a fan of this because if you are logged out of all your devices for some reason, you will not be able to access the authenticator. I personally use Authy as my authenticator. They have an Apple Watch app that allows me to retrieve my code from my wrist. I know this is incredibly geeky of me and I’m not going to even try to defend it because this website is mine and I can do what I want.
- The method for preventing this method from happing is pay attention to what permissions you hand out on Facebook. It’s generally best practice to not give any applications permissions to post on your behalf. Most of the time, there’s not a good reason to allow it. While I’m writing this the only application I can think of that has a legitimate reason to allow posting on your behalf permissions is Twitter. I’m sure there’s other reputable social media apps that I’m just not thinking about but you get the idea right?
- There’s not a lot that can really be done about this one. Its mostly your friends who have to fight this battle for you. The only thing you can really do is help your friends understand that you only have one account and will not be creating another. From there, its in your friends hands. When they see a new friends invitation from someone they’re already friends with, they should check their friends list to see if they are still friends with you (or whoever really). If they are, the account is obviously not the person they are pretending to be. If the person who is requesting friendship is not already in your friends list. there are two options here. They can add the friend and be very cautious about links and communications from the person, or they can verify the authenticity of the person by communicating with whoever the person is supposed to be via some other channel of communication (such as a phone call).
With millions of active users, Facebook is a gold mine for anyone with less than outstanding morals and time on their hands. Its completely up to you to protect your good name. People will be quick to blame you for their computer woes simply because your name was attached to something and they don’t know any better. Do your best not to let this happen to you.