Facebook Helps Man Steal $57,000 from Neighbors

/ Source: SecurityNewsDaily

A British man who used the personal information posted on his neighbors' Facebook pages to make off with more than £35,000 (about $57,000) from their bank accounts has been sentenced to 15 months in jail, the British newspaper The Telegraph reported.

Iain Wood's devious scheme came to an end in 2009, after a two-year stint during which he fleeced his Newcastle neighbors by scouring their Facebook pages and gathering enough personal details — mother's maiden name and birth date, for example — to pass banks' online security verification questions and obtain their passwords.

"This is the first time I've come across a sophisticated fraud such as this; it was very well-planned, complex and clever," Judge Guy Whitburn said at Newcastle Crown Court, The Telegraph reported. "It is an extremely bad deception on people in the same block of flats as he. People's blood runs cold when they see money taken from their accounts."

[Posting Your Location Is Asking for Trouble]

To his credit, Wood, 33, cannot be called a slacker: He spent 18 hours a day on Facebook snooping on people's pages. He was able to successfully exploit so many victims because, unfortunately, people tend to post extremely personal details on their Facebook pages, and don't think to use different passwords for different websites.

Wood's spree came to an end in November 2009, when police pegged him as the suspect behind a single fraudulent withdrawal of £1,500. When they arrested Wood, he asked the cops, "Have you been on to me for a while?"

Police then searched his apartment around found bank account PINs, a victim's passport and bills Wood had taken from his neighbors' mailboxes.

Want to keep your online profile private and your money in your pocket? The security firm Sophos suggests you steer clear of the truth when setting up security questions.

When asked your mother's maiden name, "Why not make up the answer?" Sophos' Graham Cluley wrote. "For instance, say 'Xena Warrior Princess,' 'C3PO' or 'Malcolm Muggeridge.' As long as you remember it, and no one else can guess it — that's all that matters."

When it comes to Facebook and other social networks, the best bet is to keep your private information — the details that would be gold to an online criminal — private.