Identity theft isn’t a new term it’s been around for years, though now with 1.75 billion people actively using Facebook per month we have become more susceptible to the online version of the crime. The increase in online identity theft can be attributed to the fact we now capture and add all aspects of our lives onto social media platforms, though little do we know there may be an online "creepers" watching our every move.

Recently a Milestone Information Technology staff member became a target of Facebook identity theft, when another user decided to create a fake profile of the staff member under a different user name. After investigating the issue further we found the creator of the profile was located in Morocco and went by the name Amin.

The fake profile set up by the user who went by the name Amin.

Amin’s downfall came when he sent the staff member a friend request from the fake profile and also a private message. The message was a declaration of his love for her and the reason why he set the profile up. Amin declared that, “ I take your Facebook page because you make me crazy”. In any circumstance this isn’t normal behaviour in both a online or real world environment.

The private message sent from Amin to the Milestone IT staff member.

At this point the message was blocked and the request denied by the staff member. A first breach of privacy was reported to Facebook and their response being a generic email explaining that the profile “doesn’t go against Community Standards." The response left us all perplexed as to why the profile was not removed. Especially since it was obvious that the account was a fake, as all photos used on the account were stolen from the staff member’s profile. How could the Facebook team not see this?

The generic response from Facebook.

A 2nd report was made under a different reason and eventually Facebook removed the profile. Why did it take so long for Facebook to take the profile down? Especially when they pride themselves on the privacy of it's community.

Facebook’s 2016 report reveals that there are 1.23 billion monthly active users and out of this between 67.65 and 137.76 million account are duplicates or fake. These kind of figures sets the precedent for how many other cases of online identify theft may be taking place and how it’s apparent (due to our staff member experience) that the Facebook team are struggling to keep up with these reports made by users.

After looking into Amin's profile it turns out that the fake profile was set up to aid a prostitution ring located in Morocco. It's easy to see that at any time it could have escalated to another level in terms of damages to our own staff member and their public profile. It’s a huge wake up call that anything you post online and not set to private is pretty much owned by the general public.

Here are 7 tips that Milestone IT recommends in order to keep your private information private:

1) Make sure you privacy is at it’s highest level

All social media platforms allow you to set your own privacy levels. Go into your account details and make sure your settings are at its highest level. This means adjusting who can view what is on your public walls. You can adjust settings so that only friends can view your posts.

2) Keep your personal information minimal

You don’t need to fill in every detail of your profile. The less information you make public, such as date of birth, education and workplace - the less likely someone will be able to login to your accounts using your secret questions.

3) Don’t save card/bank details on sites

Most websites and applications have add-on packages that cost money. Be careful what security is provided on any site. Do not save any bank details to sites that may not come across secure.

4) Check what third party applications are accessing your account

LinkedIn, Google+ and Facebook have options to see who you have given access to in terms of accessing personal information to emails and your address book. When you sign up for applications in most cases you need to agree to terms and conditions. Within these terms and conditions you can give full access to third party companies. You should your social media accounts at least once a week to make sure you haven’t given full access to third party companies

5) Get notifications when your account is accessed from a different computer.

You can set your Facebook account to send an email when your account has been accessed through a different IP address or device. Another great feature of this security setting is it gives precise location as to where you have been logged in. So if you are in Melbourne and your account has been accessed in Darwin you know something isn’t right.

6) Regularly change your passwords.

This is a GOLDEN rule. The more you change your password the less likely a person will be able to access your account on a regular basis.

7) Don’t accept friend requests from people you don’t know

Do not accept friend request from people you have not met in you real or online life. In most cases these people are snooping for personal details in order to access other accounts you may have.