Looking to start an online criminal enterprise? Look no further than an Eastern European hacker website that offers stolen Facebook accounts for between $25 and $45. Just ask for "kirllos" and he should be able to set you up.
It's easy enough: Send "kirllos" money ($25 for an account with 10 or fewer friends, $45 for 10 or more friends) and you will receive a hacked Facebook account from which you can spam and con your way to riches. Who said the dotcom era of moneymaking was dead?
It's all fairly simple. Hackers use "phising" scams through email, and malware to track your keystrokes when entering passwords. From there, it's an information superhighway paved with gold! But there are some out there fighting the good fight on your behalf. The out of touch New York Times, who calls it "the Facebook" in the story's lede, has this to say:
Researchers at VeriSign's iDefense division tracking the digital underworld say bogus and stolen accounts on the Facebook are now on sale in high volume on the black market.
One woman's gullible, yet generous and caring friends know all too well how easy it is to be scammed by Facebook criminals like kirllos:
Last summer, Eileen Sheldon's Facebook account was hacked and used to send messages to about 20 friends claiming she was stranded in Britain without a passport and needed money. Ms. Sheldon, who lives in California, had recently been living in London, and one friend, believing the ruse, wired about $100 to the thieves.
Rest assured, concerned Facebook user, the detectives at VeriSign's iDefense unit are on it. But Facebook doesn't buy this whole thing about their security being compromised, and they're blaming VeriSign for using scare tactics and giving hackers too much credit. Facebook says kirllos is full of shit and is known for making "wild claims." And when the website's clandestine force of counter hackers tried to make a purchase from kirllos, he "was unable to produce anything for our buyer." Or perhaps, being a savy hacker and all, he could smell your Facebook cop tentacles from thousands of miles away? A spokesman for Facebook, Barry Schnitt, told the Times:
We would expect iDefense or anyone presenting themselves as a security expert to do this kind of verification (or any verification) rather than just reading a forum post and accepting the claims as fact and publicizing them."
That's right. Instead of warning individuals and companies about online scams, you should just trust Facebook's clandestine force of counter hackers to handle everything. They're on it.