Social Storytelling (Part 2)

The fake friend request. If you spend any substantial amount of time on Facebook, you’ve likely received one. I currently have seven such fake requests in my inbox, and each is a unique Social Story. In part 1 of this post, we talked about how fraudsters use engaging stories to gain the trust of their targets. Jargon, shared traits, references to mutual acquaintances are all effective ways to deceive. In this post, we’ll see some examples of fake Social Stories.

Most fake friend requests are easy to spot for individual users. The Provocative Profile Pic (“PPP”) is usually a dead giveaway. The “zero-mutual-friend-check” is also effective. But some stories require a closer look. Take the Facebook users below as examples of different levels of sophistication (names have been changed to protect the innocent):

    Kayla   Luke   Jen
Profile Pic   PPP   Handsome, Smiling Headshot   Attractive, Smiling Headshot
Gender   Female   Male   Female
Friends   12, 0 mutual   148, 0 mutual   116, 40 mutual
College   Stanford University   Stanford University, 2010   Chicago
High School San Diego City Schools   Standford University [sic]   Crane
Likes    None   Chicago Bulls; Dwayne Wade   None
Phone Unlisted Unlisted 312-xxx-xxxx
Email   Unlisted   Unlisted   xxxxxxx88@hotmail.com
Other       Picture accepting Gold Medal in 2008 games    

Even at a quick glance, it’s clear that these stories were crafted to target me and users like me. I attended the University of Chicago and Stanford around the same time as Kayla, Luke and Jen.

Kayla is a fairly easy one to dismiss. In addition to the PPP, finding a recent Stanford grad with 12 Facebook friends is like finding the Loch Ness Monster. Luke is a little trickier but is still a pretty obvious fraud. His friend count is 148, above average for Facebook but, again, well below average for Stanford Grads. Or was that, Standford High School? Yes, you can see in addition to listing Stanford as his College, “Standford” is his High School. There’s subtler things as well (how many Bulls fans have D-Wade as their favorite player?), but the funniest one here is an album picture of our hero apparently accepting a Gold Medal at the Beijing Games (not sure who the real athlete is).

Jen is the most sophisticated member of this group. Her picture is attractive, but not provocative, which lets her take advantage of the well documented “What is beautiful is good” stereotype that humans exhibit. She has 116 friends and fully 40 of them are mutual friends. The location details are also very consistent. She’s Chicago through and through, from high school to phone number to college. Identity generators that do this are readily available. It’s only a deeper look that reveals these accounts are fake. First, the “Chicago” details are just a little off – she’s not linked to the official “University of Chicago” page. The listed phone number is disconnected, and the email follows the FirstNameLastName## pattern commonly used by fraudsters. Upon further checking the email actually proves it to be a total fake.

Unfortunately, not every targeted user has the time to pick apart the details of a friend request. For a business evaluating thousands of customers onboarding through Facebook Connect, this kind of profile review is simply impossible to do at scale. Signifyd builds the product that does it for you, at scale and without putting friction on your users.

Signifyd

Signifyd, the world’s largest provider of guaranteed fraud protection, enables ecommerce retailers to provide friction-free buying experiences by shifting fraud liability away from merchants.

Related Posts
-

Subscribe To The Newsletter

Popular Posts
-