[Editor’s Note: We later got our identities spoofed too by the same joker. –mrh]

Identity management. Verified accounts. Facebook scamming. Identity spoofing. 419 Scams.

We’ve all heard the stories of these things, it’s not uncommon to hear of a friend getting hit up on Facebook by a friend on their list who’s suddenly “stuck in London, wallet stolen, passport gone, and in need of $500.”

John Furrier has been pinging me seemingly incessantly for the last three weeks to write something up on this topic, but frankly I thought it was a little passe, sort of like the email we all get on a daily basis:

I am Mr. Dramane Yadi, I work in the Accounts/ Operations Department of a Prime banks here in Abidjan Cote D’Ivoire. I actually have an urgent and very confidential business proposal for you. I got your contact from Internet and decided to contact you immediately.

It’s all passe until it happens to you.

This morning, as John noted on /SAbackchan, three well known venture capitalists in the Valley didn’t have their Facebook accounts hacked, but rather spoofed.

Here’s John’s account of the incident:

Over this past week one creative entrepreneur has decided the best way to pitch his company is to hack the accounts of the VCs that he’s targeting to demonstrate the TRUST or verified account issue. I have seen first hand that Tim Haley, Ron Conway, and Jeff Clavier have been hacked. It appears that nothing malicious has happened but certainly some visual reconfiguration of their page took place.

Not sure if that is a the best way to get attention to get access to funding sources. Talk about Trust that is the worst way to get attention for a financial partner.

Originally, we thought the accounts had been hacked, but it appeared that fake Facebook accounts, Twitter accounts and email accounts had been created for all three VCs.

The fellow who spoofed Jeff Clavier’s account conversed with us as Jeff Clavier, giving us no indication that he wasn’t.  It wasn’t until John got a bit suspicious, noticing that he had no address book entry for this account that he questioned it in the email thread, saying “This account is not Jeff’s account; he uses softechvc.com.”

It was at that point the spoofer came clean:

It’s always about funding!  I have a solution.  A unique proposition and an exit strategy.  But you want a big story.

100’s of millions of users are exposed.  Professional, social and e-commerce interactions are happening at a geometrically increasing rate.  Personal and professional secrets are easily hijacked.  No way of verifying the person you are connecting with is genuine and verified.

Today, for 100’s of millions of users, no protection.  No verification.  No user control.  No single point of generation.  No single point to maintain all persona profile data.

Facebook, Twitter, Amazon etc have the data THEY want and it is an island.  Power to the user!  Move profile data into a protected, controled, unified profile maitained by the user and voila!  Verified users everywhere.  You have trust.
Facebook, Twitter, Amazon etc. are not in this business.  But they will have much pain.  Each of their efforts is a point solution.  The market requires a pan-Internet solution.

Do the story.  It is a huge story.  Web 3.0 is about trust…

As Sean P. Aune also noted, this isn’t going to make me rush out to go invest in this guy’s company.  We contacted Jeff’s office, and they clammed up immediately (we assume their next call was to their PR agents).

While this wasn’t the best way to go about making a point, it clearly is an issue that bears scrutiny.  Twitter has attacked this problem by creating a verified accounts system. Facebook has remained strangely silent on this potential feature, though they do have the mechanisms to do identity verification in place.

I know this because when it comes to covering their rears from potential music industry lawsuits, they go above and beyond in checking the identities of their users.

Back in November of 2007, I ran a story at Mashable about a band called “Uncle Seth” by Jay Moonah. It recounted the convoluted identity verification process that Facebook made Jay jump through to simply upload an MP3 of his own band’s music to a Page he created.

If they can do that to cover their butts on copyright protection, shouldn’t it be trivially easy to adapt that system to create a verified account system as well?

Until Facebook addresses this, expect advertisers and businesses to be particularly nervous about moving serious transactions to the system.