• by Erik Sass , Staff Writer @eriksass1, July 30, 2010

Stupid is as stupid does, mama always said. I'm not quite sure what that means, but I have a feeling it has something to do with giving money to people you don't know online.

The rise of social media has been accompanied by all sorts of exciting innovation by clever crooks, for example burglars spying on social network users to figure out when they'll be away from home. But social networks are even better-suited for con men and identity thieves, who exploit the inherent sense of trust and affection between friends to scam unsuspecting users. That's according to New Jersey Attorney General Paula T. Dow and the state's Acting Consumer Affairs Director Thomas R. Calcagni, who say they have seen an increase in the number of social media scams on Facebook or other sites, often using hijacked accounts.

The NJ officials' statement warns against one common approach in which scam artists hack into a user's account and access their address book, then send messages pleading with their friends to wire cash because they are stuck in some foreign country. To make it extra-alarming, they might construct elaborate stories about being robbed, getting sick, or having an accident in some place that is nice to visit, but not somewhere you'd really want to stay. They can even throw in details like the names of spouses or boyfriends/girlfriend and various kinds of biographical information to make it extra-convincing -- all gleaned from the user's profile, of course.

Dow stated: "People lower their guard when someone they know from a social networking site needs their help. Rather than sending an email to random people, these thieves have learned they can improve their chances by hacking into social networking accounts and then directing pleas for money to the account holder's list of friends." Common tricks used by criminals trying to hack into social network accounts include anything which requires you to paste a URL into your browser, quizzes, polls or contests asking for personal information like your social security number, credit card number or bank account information, requests to update Flash or download a new program, and anything that asks you link to another page and invites your friends there.

Okay, I don't want to be too harsh here because I imagine the criminals can go to great lengths to present a convincing come-on, and they're taking advantage of good-natured, trusting individuals. But trust is overrated, and there is a right way and a wrong way to be good-natured.

First of all, if someone sends me a serious message over a social network, my first instinct would be to ask why they didn't send me an email or call. If they are sending the message to my email address (having located it in an online address book) I would be somewhat more inclined to hear them out, but it would be pretty easy to confirm that they are who they say they are, by asking questions like "where/when did we meet," "when's the last time I saw you," or something else -- not on their profile or anywhere else online -- only they would know. I'd also try calling them and sending messages to their other email accounts seeking confirmation of the story.

And after I finally confirmed they were real, then -- and only then -- would I tell my friend in Turkish prison to go hit up someone else cuz I blew it all in Vegas last week. Good luck and godspeed, voyager! P.S. send a postcard.