US legislators targeted by identity thieves and account hijackers

Facebook accounts of four Missouri state representatives and one staffer have been compromised and sporting mortifying messages.

The interviewed affected politicians – Republicans Donna Lichtenegger and Dave Schatz, and Democrat Stacey Newman – agree on one thing: they have been using the free Wi-Fi network instead of the protected account for legislators.

On both Schatz’s and Lichtenegger’s profile, a message extolling their love of lobbyist, free food and stuff they get from them and of their job was posted only hours after they used the Wi-Fi network.

For those wondering why is there such a network in the House side of the Capitol at all and why the traffic on it isn’t monitored, the response is they wanted to assure visitors and journalists that their online behavior wasn’t monitored or censored.

Even though the legislators have been made aware that they should be using the dedicated protected Internet access when doing official work or performing other sensitive assignments and that there is a inherent risk in using the public wireless Internet, many still fail to do so because they ignore the warning, forget to use it or simply don’t know how.

And while Fowler Brown – the founder of the company that provides wireless Internet to the Arizona Capitol – speculates that the account compromises may be the result of the use of the Firesheep extension, James Lewis from the Center for Strategic and International Studies in Washington thinks that it is possible that the malicious individual behind the attack has simply guessed the passwords.

“It’s worth trying to figure out if this was a wireless problem or a password problem,” Lewis said to the St. Louis Post-Dispatch. “That would give you an idea of what defense you need.”

And while the compromise of the Facebook accounts of Missouri politicians has resulted in a rather harmless prank, Connecticut’s state representative Kim Hunter Rose found her name and photo misused by an unknown person who opened a Facebook account in her name and used it to try to get her friends to send in money.

The Connecticut Post reports that Rose already had a Facebook account and that she never used it to chat with her friends.

But the person behind the rogue account did just that, asking Rose’s friends to lend “her” $650 dollars to pay a tax on some money winnings, after which they would supposedly get half of the winnings.

The fake account is now down, but Rose says that it’s probably the result of repeated messages she and her friends sent to its owner and requesting a takedown. She says she was unable to reach anyone at Facebook to report the issue.