When we hear about phishing scams, we think about email, but these days’ cybercriminals target people through social media. The ultimate goal behind this tactic is still to trick someone to click on a malicious link, and reveal logins and passwords or to share some sensitive information. Victims may unknowingly download malware that is sent by cybercriminals. Sometimes victims will enter login details onto fake websites or answer queries that are presented as legitimate requests or fun activities, like quizzes and games.
As we all know, social networking is all about interacting with people. It’s very easy to mimic official services like Twitter or Facebook, and hacked accounts can be used to mischief.
In this blog, we’ll be looking at some of the common scams that are lurking on social media platforms to raise your awareness.
The Facebook Phishing Scam
Facebook has become the biggest platform for cybercriminals to hunt their victims. Facebook has put a lot of effort into blocking spam and scams, but it still remains a hotspot for phishing attacks.
Cybercriminals will send emails impersonating Facebook. These emails will typically include messages containing a sense of urgency such as Change of passwords, or Password reset, and the person must click on a link or attachment. The link or attachment triggers malware.
But this kind of thing is a typical email phishing tactic that’s counting on your familiarity and trust with Facebook. You’re more likely to click a link when it appears to have been posted by a trusted friend or family member.
Many cybercriminals will use the platform itself. You may be befriend a fake account used by cybercriminals to get personal details. Hacked accounts are used to appeal to family and friends for money transfer. Let’s say a cybercriminal knows that an individual is traveling ( from his/her FB post), they will send an instant message through Facebook posing as a trusted person, explaining that they are in a trouble and need help and there will be a link to make a payment.
In addition, a lot of games and quizzes were released during the lockdown period on Facebook for us to enjoy. But some of these games and quizzes may have been linked with unscrupulous third-party developers. This could lead to the sale of your personal details and endless spam.
Be Aware of the Twitter Phishing Tactics
Similar to Facebook, cybercriminals have started sending phishing emails to collect Twitter login details. After getting access they send out direct messages to the contacts of those people to click on malicious links. As Twitter has a character limit on tweets, it’s easy for cybercriminals to hide dodgy links using services like bit.ly to shorten the URL and hide the real web address.
Another way, Cybercriminals have exploited Twitter is to offer people thousands of followers in exchange for money. Similar to Facebook you are asked to initial a payment and end up risking your identity.
The YouTube Scam
YouTube works on the number of viewers, cyber criminals trick the victim to give credentials by promising more views and traffic on their YouTube channels. Once the victim gave their YouTube account details and credit card number, the account can be used to scam others or inject malware
Cybercriminals trick their victims to click on a link by forwarding them fake videos on natural disasters and terrorist attacks. These events will create a curiosity in victims and prompt them to click on the links. A malicious ad pop-up window may trigger you to install a toolbar to watch the video or survey, and you end up installing malware on your system or exposing personal details which can be used by cybercriminals to steal your identity.
Cybercriminals create fake profiles of a co-workers or individuals with similar interest or industry to connect and gain personal information. Many times cybercriminals join group discussion on current topics or offering fake job application forms to get personal data or hack Linkedln account.
With so many scams lurking on social media, it’s important for all of us to stay vigilant. Here are our top tips on how you can continue to use social media platforms safely.
Tips for social media security and privacy
It’s important to follow some best practices to ensure social accounts are secured. Adopt the following practices on a daily basis.
Use strong and unique passwords
We know it’s a tedious job to remember passwords for different social accounts but using a single password makes the job easy for the hackers to gain access to all your social accounts.
Watch Out For Links in Emails
Criminals disguise emails from trusted sources and trick victims into exposing their personal details. Make sure you watch out for suspicious links and attachments in your emails.
Read our blog on Phishing discover the symptoms of a malicious email.
Once you post something on social media, it never disappears. Be careful about what information and personal details you share with others online. Oversharing of details can help criminals to collect pieces of your identity and create your digital profile to hack you on different platforms.
Privacy and security settings
Make the most of the privacy settings that social media channels provide. They are there to help you control who sees what you post, and manage your online experience in a positive way.
Don’t click on links
Links in email, tweets, posts and online advertising are often how cybercriminals try to steal your personal information. Even if you know the source, if something looks suspicious, delete it.
These are the top platforms that are used by the cybercriminals to get your personal details or trick you to make payments. Guard your personal information, be wary about who you connect with and, if in doubt, trust your instincts.
Be Cyber Aware. Be Cyber Safe. Be Cyber Smart.