Site icon Sophos News

IC3 urges social media users to beware: scams and fraud are surging

Scams and fraud are surging on social media, says IC3 annual report

Research from the Pew Research Center shows that 69% of US adults are leery about how their personal data will fare once it’s on social media.

Superb! They should be shaking in their boots, according to the FBI’s Internet Crime Complaint Center (IC3) annual report on internet crime.

According to the IC3’s report, social media is burgeoning as a favored playground for online crooks to hunt down targets.

In fact, 12% of the 269,422 complaints received in 2014 had a social media aspect.

The use of social media to pull off scams has quadrupled over the last five years, according to the IC3, with most cases involving exploitation of personal information through compromised accounts or social engineering.

Some of the methods the IC3 is seeing:

Clickjacking.

This scam involves hiding hyperlinks beneath legitimate, clickable content that, when clicked, can lead to malware downloaded onto victims’ computers, can cause victims to unwittingly send personal information to a fraudster’s site, or unknowingly share the scammy link with all their friends.

The IC3 says it’s seen numerous clickjacking scams that have involved rigged “Like” and “Share” buttons on social networking sites.

The scam’s not new, of course, though it is on the rise, and it’s easy to see why: it’s a proven money-maker.

Back in 2012, a Washington prosecutor told one firm to knock off its spam and clickjacking operations, which it agreed to do, though it was making a sweet $1.2 million per month off it.

How to stay safe: Regardless of how tempting it is to click on links like “watch a zookeeper being eaten by a giant snake!”, “Lady Gaga found dead in hotel room“, “Japanese Tsunami Launches Whale Into Building“, naked photos of a female popstar or “101 Hottest Women in the World“, if you see a scam like this on your newsfeed, be sure to remove it and report as spam to Facebook or whatever social media site it’s on.

You don’t want to share that dangerous junk with your friends.

Doxing.

This crime involves releasing a person’s identifying information online without authorization.

Granted, that definition might sound tame but private, personal information is valuable and privacy can be difficult or impossible to restore once its lost. People do it because the act itself hurts the victim but it can also lead on to or involve other crimes such as identity fraud, swatting, stalking or even revenge porn.

How to stay safe: Be careful about posting information about yourself, your family or your friends. It’s easy to leave a trail of small, apparently innocuous snippets of information after yourself that add up to something more harmful.

Start by locking down your social media accounts; Facebook, for one, translated its privacy policy into plain English a few months ago, which should help, as should our 5 tips to staying safe on Facebook.

Pharming / Phishing

The report highlights Pharming but I’ve thrown in Phishing too because the difference is largely technical.

Whether you’re Phished or Pharmed the criminals behind it are trying to fool you into visiting a fraudulent website and handing over personal data like passwords.

How to stay safe: The IC3 recommends typing in an official website yourself, rather than clicking on a link from an unsolicited source that supposedly leads to the legitimate site.

This can be quite difficult in practice so we suggest that you supplement your good judgement by using an anti-malware solution that blocks URLs know to be involved in phishing, and use two factor authentication on any websites that offer it.

In short, it’s good to be leery of social media.

There’s a lot to be leery about!

Image of social media courtesy of Shutterstock.

Exit mobile version