New Friend Request? It Could Cost You

Nowadays it seems as if everyone has a presence on social networking sites: grandparents, teachers, old flames. And dont forget con artists.

According to new data by the North American Securities Administration, that pending Facebook friend request or link from a "friend," could be an investment fraud scam that could cost you more than wasted time on the Internet.

"One of the hallmarks of investment fraud is that anyone can be at risk," says Bob Webster, spokesperson for NASAA, the North American Securities Administration, an international organization devoted to investor protection. "In times of economic uncertainty or a down economy, a lot of investors are nervous and looking for better-than-market returns. As a result, they may be a little more open to pitches for alternative investments rather than traditional stocks and bonds. These pitches are increasingly being sent through sites like Facebook, LinkedIn, MySpace, and more."

Con artists take advantage of investors economic jitters and desire to find alternative investments and are now targeting their scams to news headlines. Common investment scams today may be offering deals on "distressed" real estate, alternative energy, or gold.

"They will approach you to invest in an energy company or gold that may or may not exist," says Webster. "When the price for oil fluctuates, con artists will also float oil and gas as an investment. In all cases, however, they are looking for investment newcomers who don't have a lot of investing experience."

NASAA does not have data on the number of investment scams on social networking sites or the number of victims because the trend is just beginning to be reported in the US and Canada. Recent scams that have surfaced include a gold investment scheme from Ghana being floated on dating websites and a stock program on Craigslist that promises 100% monthly returns.

"It never fails to surprise me the types of pitches you see out there," says Webster. "But falling for an investment scam is easier than you might think."

A common method used by con artists on social networking sites is to "friend" a leader of a community or group of people, such as a pastor at a church, a teacher, or a president of a social organization. The goal is to get that person to successfully invest in the scheme and report back to his or her network. The con artists will then take advantage of everyone else who invests in the scheme. This type of scheme is called an "affinity" con because it targets already-established relationships.

"This is not to say that you shouldn't trust your pastor if he's giving you some friendly advice, but if any investment seems too good to be true, it probably is," says Webster.

In other cases, con artists may "hijack" a person's Facebook profile and post as many links to their scam as possible on other people's walls or in their mailboxes. It will appear as if the post is from a friend, when in reality that "friend" has been hacked and is oblivious to what's being publicized on his or her behalf. Another less common scam involves a con artist creating a new profile and establishing a level of trust with a person through friendly messages or party invitations. Webster says it's much more difficult for con artists to go this route though, and they will most likely contacting you through a friend you already have.

Above all, consumers should remember that skilled con artists will try to mimic some of the successful strategies of legitimate brokers and financial professionals.

"Just as your financial planner would establish a relationship with a client, a con artist will get to know their mark, says Webster.

One way to spot a scam that may be coming from a close friend-- or even someone in your family-- is if it seems totally off topic.

"If you've been having interactions with your friends about a barbecue you're hosting and then they interject something about investing in a gold company, that's a red flag," Webster says.

Other red flags may be obvious to many social networkers by now, says Gunter Ollmann, vice president of Research at Damballa, an Atlanta-based security consultancy that protects businesses from organized online crime.

"The tools are changing, but the whole concept of building up a trust relationship with your mark has been around since the dawn of time," says Ollman. "Things like spam emails for Nigerian banking fraud, those have been around for most of the modern Internet. Only recently with the integration of social networking sites, did it become easier for con artists to run searches for who might make the easiest targets."

Social networking sites allow con artists to run searches and narrow down their scope based on certain criteria including age, marital status, where a person lives, and even their hobbies or interests. Con artists are also well known for creating Facebook groups about a certain social issue or interest and then harvesting the personal information of group members.

To prevent having their social network pages hijacked, users should have a different password for every site.

"You shouldn't recycle passwords. A hacker can go in and scrape all your user accounts from your web browser and start selling your account details," says Ollman.

According to Ollman, con artists will pay approximately $20 per Facebook account if a person has more than 2,000 friends. For accounts that have between 100 and 300 friends, the rate goes down to around $200 for 10,000 accounts.

"The bad guys are buying them in bulk.