Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Cybercriminals playing us for fools on social media

Eugene Teo, Norton Security Advocate, Symantec | May 4, 2015
This byline explores how social media scams have evolved and how scammers have ventured onto new platforms, and how their success comes from people’s willingness to fall for predictable and easily avoided scams.

In 2014, the Singapore Police Force revealed that there had been a 62 percent increase in online love scams between 2012 and 2013, and it is no surprise that cybercriminals see the potential for a quick profit via dating apps. Affiliate programmes either pay cybercriminals for every victim that clicks through, or only pay out if the victim signs up and shares credit card information. These pay outs   range from $6 to $60, and has become a profitable monetisation strategy for online criminals. As revealed by ISTR Vol.20, this is more profitable than selling stolen information on the black market, with credit card details valued at $0.50 to $20, and stolen email addresses valued at $0.50 to $10 for 1,000 addresses.

Another social media platform being exploited by cybercriminals is Instagram, which now has more monthly active users than Twitter. Scams seen on Instagram in 2014 include accounts offering to share their lottery winnings with anyone who follows them and fake accounts that offer gift cards. In these scams, users are asked to follow these fake accounts and share their personal information, such as their email addresses, in return for rewards that don't exist.

With all these risks, what can we do to better safeguard ourselves against these attacks? Some best practices include:

1.       Protect yourself. Use a comprehensive Internet security solution that includes capabilities for maximum protection against malicious code and other threats.

2.       Update regularly. Keep your system, programme, and virus definitions up-to-date.

3.       Be wary of scareware tactics. Versions of software that claim to be free, cracked or pirated can expose you to malware or social engineering attacks, which attempt to trick you into thinking your computer is infected and getting you to pay money to have it removed

4.       Use an effective password policy. Use complex passwords (upper/lowercase and punctuation) or passphrases.

5.       Think before you click. Even when receiving email attachments from trusted users, be suspicious.

6.       Guard your personal data. Limit the amount of personal information you make publicly available on the Internet (in particular via social networks).

Always remember — if it looks too good to be true, it probably is. Follow the above tips and don't be fooled by social media scams.

 

Previous Page  1  2 

Sign up for CIO Asia eNewsletters.