Connect with us

Hi, what are you looking for?

HEADLINES

6 Types of social media scams and how to avoid them

With more than 60 million active social media users as of last year logging an average daily use of 4.17 hours, Filipinos spend more time on social media compared to anyone else in the world, according to We Are Social’s Digital in 2017 Southeast Asia report.

With more than 60 million active social media users as of last year logging an average daily use of 4.17 hours, Filipinos spend more time on social media compared to anyone else in the world, according to We Are Social’s Digital in 2017 Southeast Asia report.

This fondness of Filipinos towards social media has resulted to cybercriminals exploiting social media platforms to prey on unsuspecting netizens. However, users of these sites remain careless, making them highly vulnerable.

This was proven by a study conducted by Kaspersky Lab last year which revealed majority of Filipino internet users are averagely at risk to attacks online. The research also showed only 1 out of 10 netizens (11%) can identify a safe Facebook web page. Facebook is the top used social media site in the country.

“While social networking sites appear like a safe online playground for millions of Filipinos, we would like to remind them that cybercriminals are lurking on the other side of the screen waiting for their next victim. The prevalence of scams in social media should serve as warning alarms for Filipinos to take their online security seriously,” says Sylvia Ng, GM at Kaspersky Lab Southeast Asia.

Advertisement. Scroll to continue reading.

As security is a two-pronged process, it requires effective security solution and users’ cyber savviness, here are the known social media scams plus tips from Kaspersky Lab on how to avoid them:

1. Scam: Mutual connection

In this scam, a stranger contacts you through social channels and claims a common interest or a mutual connection, for example, from an introduction at a wedding or large gathering. If you post a lot of pictures and haven’t updated your privacy settings, it’s easy for cybercriminals to make some educated guesses about how to best approach you.

Tip: If you receive such a claim, dismiss the conversation. Don’t provide further personal details and don’t add that person as a friend. Also, update your privacy settings to share your photos and posts only with people you really know.

2. Scam: Message from a friend

This scam appears as a private message from your friend. Attackers might have already accessed your friend’s credentials and forwarded them to a third party which can then use it to send spams to you and others.

Advertisement. Scroll to continue reading.

Sending spam from real accounts works better for cyber criminals than setting up false accounts because people are more likely to trust a message from one of their social media friends. They are more likely to click on suspicious links or to open questionable messages than they would if the message looked like it was coming directly from, say, a bank.

Tip:  If you start to get suspicious of social media messages from your friends, notify them immediately (but not by responding to any of those suspicious messages) that their accounts have likely been hacked. If you are redirected to a new page when you open the message, check the URL of this page. If it isn’t in line with where you expected to be sent to, leave immediately.

3. Scam:  Bogus password reset requests

A user might, for instance, get an email that has all of the themes and imagery of a typical message from a social media account, except this email will tell the user they need to reset their password and will offer that user a login prompt to do so. The user clicks on the prompt, is directed to a fake webpage that looks like the social media site, and then the user enters their login and password. Just like that, the phishing attack has succeeded.

Tip: Compare the address of the sender to the address that usually appears when you get an email from this person or organization — it’s probably a fake. Look for telltale signs of forgery in emails that request personal information – spelling errors are immediate red flags.

Advertisement. Scroll to continue reading.

If the prompt to a webpage to enter your data has an URL that is different than the site you expected to be going to, that is a sure sign of a phishing attack.

4. Scam: 18+ Video and Malicious extension

The scammer starts by hijacking several social media accounts. On their behalf, the criminal shares a post with a link to something that is supposed to be a YouTube video suitable for adults only. The bad guys also tag about a dozen friends of each of those accounts. The video would not play, and the page would suggest that you install a browser extension in order to play it. When installed, that extension steals your data because it has access to all the data the user inputs in the browser, including your logins, passwords, and credit card information — as soon as they type it in on some site.

The other thing it does is posting the same link to the same video on the victim’s social media page such as Facebook and thus continuing to spread the malware.

Tip: If your friend wanted you to click on a link, he would surely give you a better description as to why you should click. Either do not click on the link, or click and be extremely cautious about what you do next. Do not install or get rid off extension with no description, no screenshots and no rating.

Advertisement. Scroll to continue reading.

5. Scam: Trending topics

Twitter created the concept of “trending” topics, and hashtags are the medium for labeling content to increase its popularity.  However, there are users who hijack trending topics to lead to content that masquerades as relevant to the topic, but instead includes a link that leads to offensive or harmful web pages.

Beware, because whether it’s the latest celebrity buzz or a major tragedy in the news, trolls are particularly effective at doing this because their posts during sensitive times inflame readers —tweets mocking victims of school shootings, for instance — and by outraging people can entice them to click through to bad content.

Tip: Don’t feed the trolls and just ignore or report them. Whether they are bullies or spammers, sooner or later you’re going to end up with unwanted and potentially malicious followers. Periodically scroll through your list of followers and block to prevent them from seeing your updates.

6. Scam: Calls for help

Scammers often trick victims with shocking stories about dying babies, drowning puppies, or struggling veterans. Such posts travel around social networks disguised as calls for help and generate a lot of reposts, but a large proportion of them are scams.  In fact, they are used for financial theft, phishing, and spreading malware. Real calls for help are usually created by your family, friends, and friends of your friends.

Tip: Be vigilant and do a check on each post before clicking its “Like” or “Share” buttons. Don’t want to check each and every post of this kind? Then don’t click on it at all — don’t risk turning yourself and your friends into scam victims.

Most importantly, ensure that your web browser, antivirus, and all software programs on your computer are always updated to the latest versions that have the latest security patches.

Advertisement. Scroll to continue reading.
Advertisement
Advertisement
Advertisement

Like Us On Facebook

You May Also Like

White Papers

When compared to 2023, Sophos saw a 51% increase in abusing “Living off the Land” binaries or LOLbins; since 2021, it’s increased by 83%.

HEADLINES

Someone illegally acquires or uses personal information such as bank account or credit card numbers of another person to obtain money, goods or services....

HEADLINES

To stay ahead of these challenges, organizations need to invest in AI-driven defenses, transition to quantum-safe encryption, and adopt a Zero Trust approach to...

HEADLINES

There was a 121% Year-on-Year (YoY) increase in identity fraud in 2024 across the region, with significant surges recorded in Singapore (207%), Thailand (206%)...

White Papers

The survey found that CXO’s feel less prepared than their global peers. Less than half or 48% in APAC said they felt completely prepared...

HEADLINES

On average, a single organization in the Philippines experiences 4,003 attacks per week, significantly higher than the APAC average of 2,870 attacks per week.

White Papers

Exploiting this vulnerability, cybercriminals craft deceptively authentic phishing emails that align with current trends, exploiting human emotions to invoke urgency and trick recipients into...

HEADLINES

As the year 2024 draws to a close, cybersecurity solutions provider Fortinet unveiled predictions that expect hackers will leverage as well as trends that...

Advertisement