A recent report from Barracuda Labs highlights the differences between real Facebook profiles, and the fake ones often used to propagate spam and other scams on the popular social network, which just so happens to be heading for a lucrative IPO.
Barracuda examined nearly 3,000 Facebook profiles, and made a note of the distinctive differences, which can separate the fake profiles from those used by a real person. The aggregated data comes from one of the company’s tools, Profile Protector, which helps users defend against malicious content on Facebook itself in addition to Twitter.
Their study illustrates how attacks on Facebook seek to exploit the concept of “friendship” and trust of widely-used applications.
According to the results, nearly all of the fake profiles examined identified themselves as female, and often stated that they are interested in both men and women. So take a note, if she is bisexual, she wants to scam you, no matter what the friend request states.
Speaking of friends, a fake profile had more than 700 friends on average, compared to a legit profile with 130 friends. Fake profiles will claim to have gone to college 68% of the time, and live within 300 miles or so of the high school or college they claim to have attended. (Legit profiles will live more than 600 miles away on average.)
Two major markers that split the real from the fake are image tagging and interests. Legit profiles will tag on person for every four photos on their account, while fake profiles will tag more than 100 people. As for the interests, fake profiles barely list any; where as the average legit profile will list a dozen or more.
Still the key indicator seems to be updates, as nearly half of the fake profiles observed never updated their status.
“Likes, News Feeds and Apps have helped lead Facebook to its social network dominance and now attackers are harnessing those same features to efficiently scale their efforts,” said Dr. Paul Judge, chief research officer at Barracuda Networks.
“These fake profiles and apps give attackers a long-lived path to continuously present malicious links to innocent users.”
An info graphic with the collected data is available here.