Jul 21, 2007

Posted by in Security | 14 Comments

Swindlers in Friendster Philippines

friendstr.pngA few days back GMA Tv News Saksi reported on fraudsters operating in Friendster. My Apologies to the non-Filipino’s viewing this as the report is in Filipino.

Basically it went like this: It started by a user receiving friendly messages from a friend from abroad in her profile page which elevated to an exchange of cellphone no’s. She initially asked for some cellphone load, then started borrowing money. To the point that she even borrowed 15,000 for a medical operation.

The victim started doubting the identity of her friend but the friend was able to put her at ease with information that only she would have known. Then the victim started hearing from her friends that somebody was impersonating her at friendster and borrowing money. The final straw was when the friend asked her to buy a laptop for her friend’s relative in Davao to which she would pay her back.

An entrapment operation ensued and the perpetrator was caught in Davao. The perpetrator was a female and she admitted hacking into the account of the victim’s friend. She did this by using the email address found in the profile page and studying the information found in her page to come up with the password. The perpetrator caught during the CIDG entrapment operation is now being charged with Estafa in Manila. I think they could charge her with hacking also because it is covered by the Philippine E-commerce law.

Its sad to hear news like this, of technology being used for bad things. Definitely not the fault of Friendster as they are the no.1 Social Networking site in the Philippines and with that much number of Filipino users in them they are a magnet for scammers wanting to dupe innocent and unsuspecting victims.

On Friendster’s side, I think it would be good if they could add a password reset function in their account, which locks down the account after a couple of bad Log-in tries.

From this report, what I think we can learn from, with regards to our Social Networking account pages are:

  1. You shouldn’t post email and cellphone information in your profile page.
  2. As much as possible lock your profile page to people that you only know. That way they can’t use your information to hack your friends account or worse, your own. For females, this has the added benefit of your bikini pictures not being harvested and showing up in Philippine p*rn sites.
  3. Strengthen your log-in passwords. Use a minimum of 12 characters using non word forming letters and numbers.
  4. Remember to Log-out of your Friendster Account after you use it – As suggested by Eric. Friendster’s cookies doesn’t seem to have an expiry date, hence not logging out will mean that the next person who uses the computer and accesses Friendster will be able to enter your account.

In the back of my mind I still can’t help but cast doubt as to the method used to hack the account. Looking at the perpetrator, she didn’t look like the type who would spend all day behind a computer trying to figure out a log-in password. Could it be that the passwords were harvested using a key stroke logger placed in a computer of an internet cafe? Definitely the Syndicate angle mentioned in the report would be more logical. The person caught looked more like a pawn or a bagman, easily cut loose and cast away when the plan goes awry.

On a personal note, I’m also saddened that the person was caught in my home town of Davao. Is this the price of cheap internet access (average Php 10-15/hr) and abundant free wifi connectivity in the city? Making it easier for crooks to get online and scam people?

In the end, we just all have to be vigilant.



  1. Its really too bad, hearing about this. I think with the increasing popularity of Friendster and other social networking sites, its becoming the new focus of modus operandis in the Philippines.

    I myself have personally opted to cancel some of my social networking profiles due to some serious damage in personality too.

  2. there are just a lot of Friendster users who doesn’t know how to click the “Sign Out” button after their session.

    when i check my friendster in an internet cafe, chances are the friendster is still logged in to the previous PC user.

    it’s not just my habit to sneak in to these profiles, since its not mime. i just sign it off, then log in my account.

    >> and log out after using it.

  3. @eric

    Great suggestion eric!, let me add that to the post

    @sweetperceptions

    Good decision. Hard to balance a lot of accounts sometimes :D

  4. That’s absurd. How can you be naive enough to not ask for other contact details when you’re dealing with a large amount of money.

    Don’t trust anybody from the internet, period. The person online may not be the same as the person behind the monitor.

  5. It is sad that this happened in my hometown too. But could be anywhere. What’s more alarming is that Friendster became a from of communication? Where’s the cellphone when you need one.

  6. lets dont judge that swindler in friendster scam we dont know that shes only a victim..lets us heard her side also..coz i heard from some friends ..the swindler from dvao is already out of the jail and also dismiss the case against her coz of lack of evidnce and also the complainant stated she misunderstand and hndi sinsdya ang pangyayari she already dismiss the case agaisnt the swindler from davao..

    see guys lets see and wait also the true testimony f the accused person sometimes media is super exagge to deliver the said news…i also a journalist i heard that the said accused statment in gma is to short hindi pal yun yung sinbi tlga ng accused..

    she said that she invest money afterwards she dont know that she already fraud of someone..shes also a victim not a suspect…
    friends out there lets not fucos of one side of stastment lets also liste to accused party also….

    like now tayo rin napahiya knowing that the swindler from davao is criminal but not..tsk tsk..tsk… honestly im too shy for myself coz i honestly judge the swindler from davao

    but when i heard kapwa journalist that yhe case is dismiss by complainant i almst down sa kahihyan for judging the poor girl called swindler from davao…

    so next time lets not judge the book by its cover or buy listen one side lets listen both side para hindi tayo mapahiya..

    to the girl accused of the swimdler from davao a big apologize from my friends and family…

    sana mad pa media ka rin para all people know that walang kang kasalanan…

    mey god bless you!!

  7. I am currently experiencing the same problem. somebody cracked my Friendster password and now has full control over my friendster account. Is there any way to retrieve my Friendster account? please help

  8. better stop

  9. LOUIS KESTENBAUM A SATMAR Chasid is being accused. WEST PALM BEACH, Fla. (AP) – A teenage girl has filed a $50 million lawsuit against a New York billionaire, saying he sexually abused her when she was 14.

    Louis Kestenbaum”s attorney says the allegations are false and motivated by money. Kestenbaum is also the CEO of Fortis properties and the ODA a goverment funded organisation in the williamsburg section of Brooklyn NY

    The girl, now 17, claims Louis Kestenbaum invited her to his Florida mansion in 2005 to perform a massage for $300. The lawsuit, filed in federal court, claims he demanded she remove her clothes, then sexually assaulted her.

    The girl, her father and stepmother are seeking more than $50 million.

    Joel kestenbaum the son of Louis kestenabum had no comments

  10. ang hirap ng kumuha ng friendster

  11. Roland Casulla says:

    Since friendster is the best site to look for long lost friends… I hope there could be a way to use this also as a way to catch people like swindlers, bad peolple who are doing or have done harm to others and got away from what they did. You see, bad people do that, do bad things and escape, well, if there’s a site that can post that swindlers name and picture, those victims could come together to catch the predator. please somebody do something to make this work! thanks!

  12. Suzanne Aviso says:

    Last March 28, 2009, I’ve been a victim of an ATM card card-switching swindler at Ayala Center Cebu. The swindler (a pretty girl,about 30 yrs. old,stands 5 feet tall)lined behind me at the ATM machine and managed to take note of my pin no. while I was withdrawing. She then followed me inside the mall, approached me and told me that she was behind me at the ATM machine a while ago and that my P500 was left at the machine,and was in the custody of the mall guard. She then asked if she could take a look at my receipt and my ATM card, and too trustful that I was, I did so. In just a blink of an eye, she handed me a similar card but no longer mine. Upon noticing that the card she handed back to me was no longer mine but just a same-lookong one, she then pinpointed me to the guard and said that my ATM card and P500 was with the guard. When I went to the guard, the latter said that no ATM card or P500 was with him, and when I went back to the girl, she was no longer there and nowhere to be found. It then dawned to me that I was swindled, and went immediately to my depository bank to have my card cut-off, but then it was too late already. In just a matter of 10 to 15 minutes, the swindler has already managed to withdraw P40,000.00 from my account, much to my dismay. It’s just amazing what other people are capable of doing just to deceive other people because of money! Well, the swindler certainly will carry that burden all her life! And to think she was able-bodied,and she was pretty, she could certainly look for decent jobs! And yet, she chose to earn money the bad-way! It was my hard-earned money and I lost it in just a snap of a finger to a heartless lady whom I could not locate anymore. Let this be a lesson for us all to always be alert of swindling schemes/swindlers around, especially if we’re in public places.

  13. they all want easy money thats why they fool people of their hard earned money.

  14. friendster is full of scams from the UK also so beware everyone

Trackbacks/Pingbacks

  1. A Hacker and Swindler from Davao « Buddy Blogs - [...] First seen on: Pinoy Tech Blog [...]

Leave a Reply