Be Wary of Online “Friends”

By Ken Gibson

Topic:  ID Theft

January 31, 2022

The internet has slowly, over time, changed the way we interact with the world. While long-distance relationships, both romantic and platonic, weren’t unheard of before the web, they’ve become more and more common as we’re able to casually and instantly interact with people from around the world. Even the language barrier is slowly starting to soften as machine translations begin to become more accurate.

While this is a great boon to our society in many ways, especially when people are isolated for whatever reason (as we’ve all learned over the past couple of years) it is also, sadly, an equally large boon for people with less pure intentions.

Many scammers and other bad actors use someone’s desire to make friends against them, as an opening for whatever their goals happen to be. As a result, you need to be able to separate fact from fiction when it comes to online friendships.

How Can People Use Online Friendships Against You?

Depending on the source, you have to be wary of a wide variety of different threats from online “friends”.

Existing Friends

When it comes to people you already know, threats are likely to be rare but not nonexistent.

If you know someone in real life as well, the threat is even further minimized as you have other ways to check up with them besides whatever medium you’re friends with them on (for example, you can probably call or text them, or even visit in person instead of chatting over Facebook).

The main threats are going to come from someone else taking over your friend’s account and trying to get information out of you, or a friend intentionally trying to hurt you because they were never really your friend to begin with.

The former is rarer than you might think, and when someone claims they were “hacked” on Facebook or other social media after saying something stupid or trying to scam people, they’re probably lying. Still, it’s worth watching out for.

It’s especially worth being wary of family members and other people you’d trust with very sensitive information like your credit card number.

Never send that information over social media even if you think you know someone. Even if you’re sending it to a legitimate account now, there’s always the chance that that account could be invaded later, and now there’s an accessible record of that information in the chat log.

This goes for texts as well.

As for the other subset…they’re certainly easier to spot. If a friend starts talking about some great new business opportunity they have, chances are it’s a scam. Maybe not one they’re intending to inflict on you, but the classic way multilevel marketing scams are spread is by people contacting friends they haven’t talked to in ages to try to get them sucked into the same MLM they’re involved in as a downline distributor.

New Friends

The time you have to be the wariest is when a new friend request comes in.

These requests could be from anyone, even if you think you recognize the name. When a social media account does get hacked into, one of the first things the new user does is often to send out as many friend requests as possible to as many people as they can to try and spread whatever they’re trying to spread.

This is of relatively minimal danger in some senses, depending on how much time the new user is planning to spend on each friend request they send out, but it’s worth being wary of an old friend attempting to “catch up” with you and learn more about you.

When they’re friends with you they often have the ability to look at all the information you’ve made available to friends, such as your other friends (who they’ll also likely send feelers out to) and things like the names of your spouse, kids, and pets along with basic information like your (and their) birthday.

If you happen to use insecure passwords (which many do on social media accounts, as they consider them unimportant) this information is invaluable to them for letting them guess your password, which lets them access even more sensitive information.

“Friends” like this are the most common source of low level identity theft breaches, and depending on how insecure your passwords are (if you share the same passwords, or variants thereof across different accounts as a lot of people do) they can cascade into even more dangerous things.

For example, if your Facebook and email share the same password…it’s pretty much over if they know any other site you have an account with. They can simply reset the password you use for things like your bank account and turn a seemingly insignificant breach into a disaster.

This is where multi-factor authentication comes into play, as a side note. Having that extra bit of safety with a code texted to your phone number being required to reset your password can save your bacon in a pinch even if your attention to security is otherwise lacking.


Last Updated on