CHICAGO - Scammers are using phony Facebook profiles to fool people into giving up money by first hacking into a friend's social media identity and then reeling them in.
One Chicago area woman lost thousands of dollars from a scheme.
The scam starts when a user is communicating via Facebook Messenger with someone who looks like their friend. Even their picture is on the account. However, the person on the other end hacked their friend's account -- all to gain your trust.
"I was trying to help her out only it wasn't her I was helping out. It was some scammers," said Marianne Bliss.
Fox Lake police said a scammer used Facebook messages to fool Bliss.
She thought she was talking to someone on her "friend list" when she was convinced into wiring $3,000.
"Someone had gotten into my friends account and taken over the account and I really thought it was them and they kept me talking long enough to breach my security and get into my account," Bliss said.
Bliss said she thought the money was going to help someone with heart disease and other medical needs. The police report said the scam promised Bliss more money in return.
"Eventually she became suspicious, contacted her friend who then she learned it was a false message that was sent to her and her friend had no knowledge of it," said Fox Lake Police Chief Jimmy Lee.
Fox Lake police tried to recover bliss's losses.
"We went into the victims computer and copied all of the chat messages in this particular case we tracked the accounts to another state," Lee said.
However, the account where Bliss wired the money was closed - the trail went cold.
Many people on Facebook instant messenger don't realize they are not really talking to one of their friends, but they have been hacked.
Police said hackers send out phishing emails telling a user that their Facebook account has been compromised.
When they click on the fake link, they "change " their password and they take over the account and scam the user's friends. Friends like Bliss.
"They target your friends or anyone comes out of that same list they'll target the next group of friends as well," Lee said.
Lee said that they are seeing more of these scams.
Facebook said it has a dedicated team to help detect and block this type of abuse and that "it's an area we're continually working to improve so that we can provide a safe and secure experience on Facebook."
Bliss said she thinks Facebook needs to step up its security. She sent her message to Facebook to complain.
A "2 factor authentication" could make it harder for scammers to take over an account. Facebook offers this option to users, but it's not a default setting.
As for Bliss's friend who had their account hacked, police said Facebook shut her page down but then reactivated it when it was free of hackers.
Bliss said that if a user is suspicious that their Facebook friend is not the person they think it is they should report it and not send any money.
Red flags also include a Facebook friend mysteriously asking for money or starting to digging for strange personal information. Facebook said these messages should be reported immediately.
Posts or messages that try to trick users into sharing personal information or sending money, should be reported: https://www.facebook.com/help/reportlinks.
Users with hacked accounts can visit: facebook.com/hacked
Users can increase their security with a Security Checkup, which helps set a strong password, manage phones and computers where you're logged in, and turn on notifications to alert you if anyone logs into your account.
For more information about Security Checkup, CLICK HERE.
Full list of available security tools and features by visiting facebook.com/settings and clicking the Security and Login tab.
I can let you know that misrepresenting yourself on Facebook is against our policies, and we have a dedicated team that's tasked with helping to detect and block these kinds of scams. We've developed several techniques to help detect and block this type of abuse. At the time someone receives a friend request, our systems are designed to check whether the recipient already has a friend with the same name, along with a variety of other factors that help us determine if an interaction is legitimate. It's an area we're continually working to improve so that we can provide a safe and secure experience on Facebook.