Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Cybercriminals playing us for fools on social media

Eugene Teo, Norton Security Advocate, Symantec | May 4, 2015
This byline explores how social media scams have evolved and how scammers have ventured onto new platforms, and how their success comes from people’s willingness to fall for predictable and easily avoided scams.

This vendor-written piece has been edited by Executive Networks Media to eliminate product promotion, but readers should note it will likely favour the submitter's approach.

Everything we do on the Internet — making travel plans, keeping in touch with our relatives or seeing what our friends are up to on Facebook — leaves a trail of information about our location, finances and relationships. With cybercrime on the rise and nearly one million new security threats released every single day (viruses, hacks or identify threats), all of our information is at risk of being exposed.

Just as we take steps to protect ourselves offline by installing home security systems or always locking our doors, it's now more important than ever for us to cover our digital tracks and understand where we might be vulnerable.

However the public undervalued their data in 2014, freely giving away email addresses and login credentials without checking that they were on a legitimate website. If you're active on social media, chances are you've seen one of the following offers appear in your news feeds and timelines:

  • Free smartphones, airline tickets, or gift cards
  • Unbelievable news about celebrities (sex tapes, death)
  • Significant world news (specifically, natural disasters)

While scammers certainly evolved their tactics and ventured onto new platforms in 2014, a lot of their success continues to come from our willingness to fall for predictable and easily avoided scams. Symantec's Internet Security Threat Report (ISTR) Volume 20 revealed that the big shift in social media scams in 2014 was the uptake in manual sharing scams. This is where people voluntarily and unwittingly share enticing videos, stories, pictures, and offers that actually include links to malicious or affiliate sites.

According to the report, 87 percent of social media scams in Singapore were manually shared, 17 percent higher than the global average. These scams spread rapidly and are lucrative for cybercriminals who take advantage of people's willingness to trust content shared by their friends.

One such scam in 2014 took advantage of the death of Robin Williams, with a social media post purporting to share his goodbye video. Unwitting users were asked to share the video with their friends before they could view it, and were instructed to fill out surveys, download software, or were redirected to a fake news website. There was no video.

With manual sharing the cybercriminal can sit back and watch users do the work for them — there's no need for them to perform any hacks. Other social media scams require a bit more work on the part of the criminal. Dating app scams, for example, require users to click through links and sign up for external websites, at which point scammers would then make commission as part of an affiliate programme.

 

1  2  Next Page 

Sign up for CIO Asia eNewsletters.