In the words of P.T. Barnum “There’s a sucker born every minute!” Unless he really didn’t say it. But for our purposes, it doesn’t matter. It’s all about the drama and the details.
Ahhh…you open Facebook because you can’t wait. A new Friend Request! Except it’s not. It’s the first step in turning you into a victim. How do you know? Let’s break this scam down step by step, and show you quickly how to verify not only it’s fake, but where else on the Internet this picture is being used.
Step 1 – Download The Picture
This young lady goes by the name ‘Lucy Love’. That should be your first clue. If not, you need this refresher course HERE. I also notice we have no friends in common, there are no status updates, and this profile only appeared a couple of months ago.
Step 2 – View The Profile Name
Interesting to know that ‘Lucy Love’ has the profile name of ‘Ernistina.Yeboah.5855’. Hmmm…the plot thickens.
Step 3 – Search The Image
Wow! Look at all the pictures. Here’s how you find this. Go to http://www.google.com/images. You have the options of searching by file name (which in this case won’t work because Facebook does weird things with the file name). The other option is to search by the actual image. Either upload or drop and drag the image you downloaded, and…voila!
It seems ‘Lucy Love’ is actually a teenage porn star with her own site, and lots of other sites she’s featured on. (Don’t worry – I made this image Safe For Work). This same technique is used all the time on LinkedIn as part of a spear phishing operation against a target.
Here’s how to do it:
The Moral Of The Story
Be paranoid, but not overly paranoid. Ask questions. Do I know this person? Why do we have no connections in common? (Or if you do, they were the suckers.) How long has this profile been active? Is it too good to be true? Did I check the profile name?
When in doubt…Shields Up!