-
Home
-
Services
-
Services
- Audit and review
- Complex accounting matters
-
Corporate finance
- Financial statement preparation
-
Forensic investigations and security consulting
-
Governance, risk and compliance
-
Information technology
-
International financial reporting standards
-
Litigation advisory services
-
Operational improvement
-
Productivity improvement
-
Recovery and reorganization
- Specialized assurance services
-
Strategic advisory
-
Tax services
- Services A-Z
-
Services
-
Industries/Segments
-
Insights
-
Careers
-
Alumni
-
Press
-
Locations
-
About us
Press release:
People open wallets to fraudsters through Facebook and MySpace
An increasing number of Canadians are voluntarily posting their comings and goings and their personal data on Facebook and MySpace—even as alarms are sounding about the dangers of having personal data stolen and used for identity theft.
People don’t put a sign on their front yard or apartment door listing the dates they’ll be away on vacation and all of their personal data. But, “people are doing just that through the growing phenomenon of social networking Internet sites, where members post pictures and current information about themselves as a way of keeping in touch and sharing information with ‘real world’ friends, business associates, family and classmates,” states Grant Thornton senior forensic manager David Malamed.
Grant Thornton forensic partner Jennifer Fiddian-Green warns that identity theft, a growing threat whereby criminals use personal information to obtain credit and loans in a person’s name without their knowledge, is being facilitated by information posted on these social networking sites: “The more personal information the fraudster has, the easier it is to impersonate victims and wreak havoc on their finances and credit record. Some users of Facebook and MySpace routinely place information such as their date of birth, relationship status, locale, workplace and work history or even their address, email and phone number, right in their profile without any restrictions about who sees it.”
Passwords for credit and debit cards or on-line financial services are often based on family names: child’s, pet’s or mother’s maiden. These family details are now easily gleaned from many Facebook profiles—either from information actually posted, or from offhand comments or photo captions on the site. Listing extended family members on on-line friends’ lists, makes it a lot easier for criminals to figure this information out.
Jennifer Fiddian-Green states, “One of the recurring themes in our work as forensic accountants is the need to persuade both companies and individuals that their personal data—SINS, addresses, phone numbers, birth dates, credit card bills, etc.—should be treated as a valuable commodity. Identity thieves certainly treat it that way, which is why they steal it.”
There are options to limit the amount of information that can be seen in a profile by random browsers versus people accepted as friends. However, David Malamed advises, “There are two things to bear in mind before becoming too confident about the security features: first, the most important distinction about on-line friends is that they may not actually know each other in the real world; and second, large databases full of personal information are very attractive to hackers, since ID thieves will pay for that data. If the world’s largest financial institutions and retailers with sophisticated computer encryption can lose data this way, why should on-line social networking sites be immune to data security breaches or hacking?”
On its Web site, Sophos describes research conducted with 200 random Facebook members to see how many would accept a “friend” solicitation from a complete stranger, and how readily they would disclose personal information to that person (in this case, a cartoon frog named “Freddi Staur,” an anagram for “ID Fraudster”). Just under half responded, 87% gave details on their education or employment, 84% provided their date of birth, 78% provided their address or locale, 72% gave a personal email address, 26% divulged their instant-message screen name, and 23% actually gave their current phone number.
This doesn’t mean people need to avoid being part of the social networking phenomenon—they just need to be careful about what they reveal and with whom they choose to engage on-line. Facebook and MySpace are designed to be communities of shared interests, but like all communities there are good and bad citizens. “We need to stop making the scammer’s job so easy,” advises David Malamed.
-30-
About Grant Thornton in Canada
Grant Thornton LLP is a leading Canadian accounting and business advisory firm providing tax, specialist advisory, audit and assurance services to private and public mid-sized organizations. Together with the Quebec firm Raymond Chabot Grant Thornton, Grant Thornton has more than 3,100 people in offices across Canada. Grant Thornton LLP is a Canadian member of Grant Thornton International Ltd, whose member firms have over 585 offices worldwide and are represented in over 100 countries.-
- PRINT SIZE:
-
-
