5 of the top social media scams

With social media sites such as Facebook and Twitter becoming ever more popular, as well as a wide variety of other social interaction websites, so the huge amount of traffic that they generate has attracted the usual attention of virus writers and cyber criminals who want to target unsuspecting users. Scams on these types of sites are becoming more prevalent, so here 5 of the most common ones, as ranked by Symantec.

Chain Letters
These have been around since pre-computer days and the online version is very similar, with messages asking the receiver to pass it onto their contacts for some kind of reward. In the social media world these can now take the form of ‘re-tweeting’ on Twitter. The likelihood is, however, that both the reason for ‘retweeting’ the message and the reward for doing so would be fake, so the usual advice is to break the chain by simply ignoring it! The reasons scammers perpetrate such chain letters is usually for financial gain, or to get a list of naïve ‘friends’ to sell to, or target in the future.

Requests for Cash
Humans are sociable by nature and generally like to help others in need, especially friends. Many scammers take advantage of this generosity of nature by sending requests to ‘friends’ on social networks for financial solutions to serious problems. For example, a request from a real friend, or social networking acquaintance could be: ‘I’ve lost my wallet on holiday and need some cash to get home.’

Before responding to such a request, you should think how well you know this acquaintance, or whether the request is actually coming from a real friend. Even though it could come from his email address or profile, his computer may have been hi-jacked with malware that is sending it out to everyone in his contact list. The best course of action is to call your friend or acquaintance to ensure that it’s genuine. If not, then virus scan your computer to ensure that it hasn’t been affected as well.

Hidden Charges in Quizzes
There are many add-on programs within social network sites that encourage you to take part in a quiz. Some of your genuine friends may have participated and then sent you a link to it. Wanting to beat their score, or to see how you perform in comparison, you too participate in answering some questions that require you to input your mobile phone number to enter, so you can be contacted in case you win.

You then discover on your monthly bill that the ‘fun, free service’ that you un-wittingly subscribed to has extortionate sign-up and on-going fees. Some of these premium call or text services thrive on social sites and can be extremely difficult to un-subscribe from. So, the best course of action is to never give out your phone number unless you know the service or person that requests it very well.

‘Phishing’ Scams
These widespread scams have been very successful for criminals and involve fake social (and other) sites that look identical to the original ones. You receive a message on a social site, or by email, that provides an irresistible offer if you click on the link provided. You’re then taken to a duplicate site where you enter your log-in details and possibly also bank account or credit card details. The cyber criminal now has your password, sensitive financial details and full control over your account.

The recommended practice in this case is to ensure that your anti-virus protection software has anti-phishing defences that will automatically recognise these requests from its regularly updated database and instantly delete them. A secondary precaution, as some of these types of messages can sometimes fall through the safety net, is to never enter your details into a site that you’ve arrived at through a link in a message. Always do a secondary search for that site and go to it directly, as search engines are good at picking up and removing fake versions of sites.

Hidden Website Addresses
Social networking sites – especially Twitter – have shortened website addresses (or URLs) posted all over them. These hide the full location, so you don’t know exactly to where you’ll be directed if you click on them. Cyber criminals take advantage of these hidden URLs by landing you on a phishing site, or one that installs malware on your computer. The best defence against these is to have up-to-date anti-virus software installed which will detect these kinds of sites.

There are of course numerous other scams that might be doing the rounds, but all of the above have proven to be very effective, as the cyber criminals have progressed from creating viruses that might have been put onto your computer through ‘backdoors’, to implementing more current techniques that act maliciously online through attracting the social networking sites’ huge volumes of traffic. You therefore need to be alert to these practices and make sure that your anti-virus software is effective and up to date.

If you’d like to know more about these types of social networking scams and how they could adversely affect your business, please contact us now.

At the recent World Economic Forum held in Davos, experts discussed the extent of Internet fraud and it’s estimated that between 100 and 150 million PCs are now part of botnets – PCs infected with trojan virus programs run to execute online fraud scams, release spam email campaigns and infiltrate user personal identity information. All PC users should be aware of the latest methods virus originators employ to gain ‘backdoor’ access to PCs.

The recent storms that swept the UK and Europe saw the release of “Storm Trojan” – a supposedly informative email entitled ‘230 dead as storm batters Europe’. Unsuspecting users clicking on the email attachment (Video.exe, Read More.exe, Full Clip.exe or Full Story.exe) have contaminated their PCs and given hackers a means to access financial and personal information (both with a resale value) from the PCs’ hard drives.

The security firm F-Secure confirmed that the assault originated from Asia and estimates that thousands of users have unwittingly infected their PCs. Mikko Hypponen, Chief Research Officer at F-Secure stated: ‘Trojan assaults of this scale are an unfortunate and increasingly common event. What is significant here though is the timely nature of this assault in relation to the European storm. Malware gangs are clearly using every technique and even tragedies like these to gain access to vulnerable machines.’

The weekend following the storms also saw an influx of ‘follow-up’ emails purporting such news as ‘Saddam Hussein alive!’ and going so far as ‘Third World War just have started!’ Hackers, pleased with the impact of their new ploy were obviously on a roll! More emails using the same technique are likely to follow.

Experts at Symantec estimate that over 300,000 PCs are now infected and were quoted as saying the Storm Worm and its variants is now the worst malware outbreak since 2005. As usual, security firms advise all users not to open emails or attachments unless from verified source – companies need to make all staff vigilant and not to open emails reporting celebrity or sensational news events and to keep security software up to date.