Social media scams on the rise: Here’s what you should look out for
SOCIAL MEDIA has become a way of life. It has evolved from a platform for friends and family to stay in touch to a madly complex ecosystem that allows everyone, from consumers and companies to groups and governments to connect and interact on a personal level.
It has created a world where the United States president wages war over Twitter, people are creating Instagram accounts for their newborn children (and even pets), and self-validation is dependent on the number of likes we receive on a single photo.
It should come as no surprise then, that the primary platforms cybercriminals choose to target both individuals, businesses, and governments on are through email, mobile and social media.
Thus, with the growing popularity of social media comes the increase in vulnerability to cyberattacks. Platforms such as Facebook, WhatsApp and Twitter have become a breeding ground for a variety of threats.
Here are the latest threats to keep a vigil eye out for on social:
WhatsApp video calling invite
Many WhatsApp users have reported being targeted by a scam involving being invited to download the popular platform’s video calling service.
The fraudulent invitation leads its unsuspecting victims to a website called “Whatappvideostart”. Once this is activated, it compromises the security of the user’s smartphone and discloses account information and passwords to the attackers.
Because the scammer makes the message look like it’s coming from the user’s known contact or from the company whose services they’re using, this leaves the victim often not suspecting a thing.
To avoid this particular scam, ensure you update your app only from the official WhatsApp site.
If it sounds too good to be true, it probably is
As well as the video-calling scam, several WhatsApp users have been targeted by phishing scams which offer them desirable prizes.
A specific example is a message offering free flights with the well-known airline, Emirates. The link takes users to a fake survey which they’re prompted to complete in order to win two free tickets. Users are then told these can be claimed once they’ve shared the link with 10 of their WhatsApp contacts, spreading the scam further.
Then, the user is taken to a new domain for the final step of the scam, where it asks users to sign up with their phone number. With all steps completed, users are then notified that they haven’t won anything.
The best advice to avoid these kinds of scams: If it’s too good, it probably is. If you’re uncertain about something, it’s best to double check the legitimacy with the official company behind the “supposed” offer.
‘Be careful who you’re friends with’
Facebook is another platform that’s become a hotbed for phishing and malware attacks.
One of the latest scams on the popular social media platform appears to a very trusted source; your own friends.
The scam works by sending the victim a message from a Facebook friend asking for urgent help to recover their account, since they’ve added you as one of their “Trusted Contacts”.
According to a public security alert published by AccessNow, this attack is initiated by an already compromised account of one of your friends, who sends a message to you asking for “urgent help” to gain access back into their account.
The hacker (who’s hiding behind the identity of your friend) asks you to check your email for a recovery code to then share with the attacker.
However, this “recovery code” is actually a “Forgot my password” request initiated by the hacker, in an attempt to hijack your Facebook account.
The best way to protect yourself from this scam is to be extremely vigilant to every recovery email you receive. The above procedure is not how Facebook’s Trusted Contacts feature actually works, so make sure you familiarize yourself on the feature before accepting anything.
The above scams are only a few examples of the many lurking around the social media world.
And with social media platforms continuing to grow and have an all-encompassing presence in our daily lives, it is crucial that both individuals and businesses keep a vigilant eye on such vulnerabilities.