Hacking of Facebook often easy to do
When Christchurch mayoress Jo Nicholls-Parker had her Facebook profile hacked this week, the hacker changed her name to Robyn Manning and posted several updates before Nicholls-Parker regained control of her profile.
There is no figure on how many New Zealanders get their Facebook pages hacked each year. Under New Zealand law, Facebook hacking is classified as unauthorised access to a computer system.
Police last year recorded 47 offences nationwide of accessing computer systems without authorisation, and 347 offences involving accessing computer systems for dishonest purposes.
Police spokesman Grant Ogilvie said there was no way to tell how many of these offences involved Facebook, and there could be other incidents involving the social networking site that went unrecorded.
The hacking of Facebook profiles is commonly known as fraping. The term combines the words "Facebook" and "rape" and is used to describe incidents where a Facebook profile is hijacked by someone else.
"Quite a few people who call Netsafe have lost control of their profile," Netsafe executive director Martin Cocker said.
"It's the same process as taking over the user profile of the user on any other site. You have to guess the person's password successfully."
Fraping is commonly done as a prank between friends, when one leaves their Facebook page open, allowing another to access it and change details.
Canterbury University psychology professor Lucy Johnston said the most obvious reason for an anonymous hacker to take over someone else's Facebook account was jealousy.
"If you can say something mean about somebody else then you look good in comparison. It's linked to the tall poppy syndrome. It can also be revenge," she said.
"Another reason might be that this then enables the poster to act as a friend or supporter to the person whose account they hijacked, therefore setting up a situation to make themselves look good."
Cocker said fraping could also be done for financial reasons, such as scamming the account owner's friends.
A Hamilton woman recently lost $500 to a scammer after they hacked her friend's Facebook account and used the instant messaging function to persuade her to send the money.
WebSafety NZ owner Dean Stewart said: "You need a secure password. That means a combination of numbers and letters and special characters. If your password can be found in the dictionary, then your account can be hacked by running a software."
Internet investigator Forensics NZ managing director Mike Chappell said fraping was often done by people who knew the owner of the account.
"Normally it's someone who knows you well enough to guess your password," he said.
"People don't tend to change their passwords very often between different applications. Often people will get in because people are quite lax with their passwords."
If hackers could get into someone's email account, they could easily access their Facebook account, Chappell said. People shared too much information on Facebook profiles, which made it easy for hackers.
"They share the names of their parents and their grandparents. A lot of the time the security question for resetting your email password would be 'What is your mother's maiden name?' And if you've put it on your Facebook, then they know."
He warned Facebook users against accepting friend requests "willy-nilly".
"They could be anybody. People accept friend invites too easily. They can see every bit of detail," he said.
Johnston said people whose Facebook accounts had been hacked would feel hesitant about using the same form of social media again.
"People are likely to feel that they have been violated by the hacking as the information changed by the hacker is likely to differ from what they themselves would say about themselves," she said.
"People will worry that others will believe the hacker's posts even after they are told that they were from a hacker."
NOT SO SECRET
The 10 most common passwords are:
- © Fairfax NZ News
Which do you think is the quote of the year?Related story: Best quotes? Cats, sweat and Aaron Gilmore