The Dark Side of Social Media

Our brains are hard-wired to believe. We take in information literally and then evaluate it against our knowledge to decide whether or not it is true. For a moment, no matter how brief, humans will believe anything that they are told. This belief is compounded if the source of the information is someone that we know, trust, or respect.

Consider the famous Nigerian Prince Scam, a simple, fraudulent e-mail that promises a future cash reward in exchange for a small advance payment. Of course, the scam is ridiculous but, according to historians a version of the scam has been used by con artists for over 200 years. Now, social media has opened up a whole new industry for cyber-criminals and while e-mail spam is decreasing in frequency, social media is ripe with scammers looking to make a quick buck.

Social Media Affiliate Programs

social media scams

Through affiliate programs, scammers can trick you into participating in a survey and/or signing up for a premium service. In this way, scammers collect your info and make money.

All scams have one thing in common, the goal is to make money and social media scams are no different. Most commonly, social media fraudsters monetize their efforts through participation in affiliate programs. These are incentive programs in which companies pay “affiliates” for driving traffic to their website. For instance, some unsuspecting person sees an ad for a free $1,000 gift card if they will only enter their e-mail address. When they enter their e-mail address and click submit, they have earned a referral fee for a criminal. They will never see the gift card because it never existed. It was only a ploy to get personal information.

Common Social Media Scams

Facebook, Instagram, Twitter and all other social media platforms have changed the way people interact socially and professionally. We crave likes, comments, and re-tweets like a pregnant woman craves pickles and ice cream. We are able to follow our best friends and favorite celebrities and interact with them on a daily basis. All of these benefits are noticed by scammers who use them to their advantage when designing their schemes.

Facebook scam

Manual sharing plots are the most common and rely on social media users to spread. Usually, scammers will embed links to an affiliate site or malware inside of videos, pictures, or fake offers meant to entice people into unknowingly sharing the links with their friends. Fake offering scams are related and request social media users to join fake groups or events and share personal information in exchange for a free gift. Together, manual sharing and fake offering scams made up 93% of social media threats.

Phishing

Another type of cyber-fraud, phishing is the collection of personal information for the purposes of moneymaking. In regards to social media, phishing links are almost always hidden behind a hook (pun intended) such as a shocking news story or outlandish celebrity scandal. Once a user clicks on the link, they will be taken to a phishing site where they will be asked to login before they can proceed. Criminals will take the login information and hack other accounts for which the user has the same password (Apple ID, Bank Accounts, E-mail, Cloud Storage, etc.)

What is phishing

How to Protect Yourself

Knowledge and preparation are the two most important defenses against social media scams. While on social media, watch out for sensationalized stories, wild celebrity news, and offers for free money. Instead of clicking on links within social media, search for the stories on reputable news sites to see if they are legitimate. Also, never fill out a form unless you are certain the transaction is secure. Cyber-criminals are very creative and can use just about any personal information against you to make money for themselves.

Android Antivirus

Android Security Suite

In terms of preparation, one of the best investments a social media user can make is an antivirus app that can recognize threats. Apps like Android Security Suite that offers 24/7 real-time protection provides the most comprehensive protection and download directly to your device. Good antimalware will scan and detect malicious websites, phishing sites, and viruses to protect your device and your personal information from falling into the wrong hands.

Spam: The Digital Plague

Spam, the digital plague
183 million spam messages are sent worldwide on a daily basis. Spamming can be a lucrative business that saturates email accounts and can transmit malware and viruses to your computer or mobile device.

It is estimated that worldwide, the damage caused by spam reaches in excess of $12 billion dollars. Anti spam activists such as the Spamhause Project or Google, fight against this plague.

Spammers usually operate with nonexistent companies to buy IP addresses and use outside servers. Unfortunately, 4 out of 5 spam messages advertise suspicious online businesses. For example, the so-called Nigerian scam is designed to make you think that you can get millions of dollars but only if you send a sum of money in advanced.

Other spam messages contain files that infect your computer or mobile device that allow hackers to control and access them remotely. Anti spam organizations maintain spam lists, which are used to block suspicious senders and report them to the police.

This digital plague is not something exclusive to Russia and Nigeria, as it is generally thought. In fact, industrialized countries such as Germany and Japan are in the top 10 lists, with the US in the first place.

 10 Worst Spam Countries

Image: The Spamhaus Project


In many countries, spam is difficult to control due to legislation and also because it is difficult to verify that a person did not give consent to receive such messages. Once the spammers are identified, anti spam activists report their information to the police in order to assist in putting a stop to it.

Despite the efforts of organizations such as Spamhaus or the police, the battle against spam is far from over. Spammers are constantly evolving and changing their methods until eventually this junk email will be more methodical, unrecognizable, and better integrated into the daily life.

The amount of spam is not expected to reduce, however anti-spam organizations have a clear objective: to prevent spam from reaching our inbox.

Spam is digital trash and as such it should be sent to the recycle bin unopened. Do not click on any links from spam emails and always protect your mobile devices against malware and other threats with antivirus solutions such as MyAntiTheft.

Tips to Prevent Online Christmas Scams

ugg_browser_extension
“All that glitters is not gold” and when it comes to online scams, Christmas shoppers must watch out for “too good to be true” bargains that could end up hurting their wallets.

According to research conducted in 2013 on behalf of FFA UK by ICM in the UK, online scams cost shoppers $15 million dollars. These people were victims of “vishing” a fraud method that attempts to get personal or financial information via telephone when fraudsters act as technical support agents or sales people.

With cyber Monday and the Christmas shopping season, cybercriminals are offering all kinds of products at very low prices. The website Get Safe Online published a list of the top five most risky items in which you can find Smartphones at the top, followed by game consoles, Ugg boots, Barbour jackets and iPads.

Remember, if it sounds too good to be true, it’s probably a scam or fake item.

Learn how to protect yourself when shopping online:

• If you get a call asking you to confirm a purchase, don’t reveal your bank account or shopping details since this is the way most fraudsters work. Just hang up and call your bank from a different phone to make sure everything is ok.
• Check your bank account regularly and make sure that your bank has your contact numbers so they can alert you if anything unusual or suspicious happens.
• Always make sure web URLs start with “https”, pay close attention to the “S” at the end. If the site doesn’t have the S nor the gold padlock icon, avoid shopping from that website.
• For banking or shopping, only use official online websites and mobile apps.
• Type the address of your bank or online shop directly into your browser. Never use a link from your email to go to your bank website nor should you open attached files that ask for personal information.
• If you own or are in the market for a new smartphone or tablet, protect it by downloading MyAntiTheft with MyAntiVirus and make sure it’s safeguarded with a PIN.
• In regards to online auctions and high value items, make sure you see the product before sending money. Use secure payment methods like PayPal instead of paying individual sellers.
• Once all your shopping or banking sessions are done and you followed this online safety guide, log out of the website or app. Also keep every purchase confirmation email.

Online Dating. Dream or Nightmare?

iStock_000015094465_Small

Online dating can help you to fulfill your dreams of love but if not cautious, it could also be your worst nightmare.

Sites like Match.com, eHarmony.com or ChristianMingle.com offer heartbroken, disappointed and bored people the chance to meet the love of their life. However there are a lot of risks you need to be aware of in order to protect yourself and have a happy ending to your love story.

Risks:

• Personal safety.
• Stalking and harassment.
• Fraud, by sending money to those that claim to be in an “unfortunate situation”.
• People under false identities.
• Spam, selling or romance fraud.
• Blackmailing, be careful with things you may do in front of your webcam. Fraudsters can record them and use it against you.
Phishing, false emails claiming to be from the online dating site, encouraging you to give personal and sensitive information.
• Fake links appearing to be legit that steal your credit card info. Make sure to pay attention to the link and ensure it is a secure one starting with “https”
• Fake dating sites that will require you to pay money to sign up.

In order to have a safe online dating experience you should take into account the following:

• Choose a well-known online dating site. Favor the ones that protect your anonymity and that have policies against inappropriate use.
• To protect your privacy, set up a separate email account and don’t use your real name or other personal data.
• Always use Google image search on the photos of profiles that interest you to ensure those pictures were not stolen for a fake identity.
• Don’t let anybody pressure you to giving your personal or sensitive information such as phone number or address. Wait until you feel comfortable with an individual before revealing anything personal about yourself.
• Be extremely cautions in front of your webcam. Even if you feel trusting or comfortable with the other person, avoid taking your clothes off or doing other things, you could be recorded and blackmailed.
• Make sure that your user name doesn’t reveal personal information such as Keith_Attorney, Jane1982, etc.
• Don’t play the role of beneficiary. Fraudsters will try to scam you and make up troubled stories so you help them with money or bank account information.

Advice for meeting offline the first time:

• If you are really going to meet the person, make sure it is in a public place with people around.

• Also, don’t let your date pick you up and ensure that your friends and family know where you are going, whom you will meet and what time you’ll be back.

• Don’t leave your drinks or food unattended since you could be drugged and also, don’t get drunk.

• Finally, take your mobile phone, keep it switched on and don’t forget to keep MyAntiTheft running. Recommend MyAntiTheft to your friends or family that are dating online. It will help find your location and protect you everywhere.

You might be giving consent to phishing on your mobile device or computer

News about phishing is published constantly on the Internet and TV, warning people about several threats detected every day in emails, phone calls, social engineering, webpages and social media such as Facebook.

However, not everybody pays attention to this news since the majority are not aware of what phishing really is or what it looks like.

Phishing is an online scam designed by cybercriminals to steal money and personal information from your computer or mobile device, ironically, with your consent.

The way criminals do this is by posing like a legitimate company, organization or bank in order collect sensitive information such as usernames, passwords, credit card details and in some cases money.

The best way to avoid being a victim of phishing is by knowing how to recognize it. The following are examples of the most common ways criminals attack:

Phishing Email:
When you get an email from your bank, social media account, school, etc. requesting verification or some kind of urgent action, pay attention to the following signs to detect phishing:

Email Phishing

Generic greeting: since email phishing is sent in large quantities, criminals use generic names such as “Dear valued costumer”. If you don’t see your name in the email, be suspicious.

Forged Link: Phishing is all about posing as a legitimate company, that’s why emails will look exactly as the genuine company layout. Pay attention to the links that they are asking you to go to, and read if they are actually going to the company’s site or to any other random, unfamiliar one. Another way to do this is by looking at the URL, in most cases the URL should start with “https”, the s stands for secure and if you don’t see it, don’t proceed.

Request sensitive information: If an email is requesting sensitive information such as ID data, credit cards or passwords it is probably phishing. Pay even more attention to the URL or link you are at.

Sense of urgency: Cybercriminals want to get your information ASAP. That’s why they will create threatening or confusing messages to get you to act immediately.

Phishing website:

2-16-2013 2-39-23 PM

Poor resolution: This websites are usually poor quality. Be suspicious if the logo, text or resolution is poor.

Forged URL: Some webpages will masquerade their URL with names similar to the company, however always look for the s in “Https” that will tell you if the webpage is secure. Also, look out for URLs that begin with an IP address, such as: http://12.34.56.78/firstgenericbank/account-update/ — these are likely phishes.

Forged URL’s cannot show a domain path, what this means if you are at “http://www.paypal.com” and entering information, be cautious. There should usually be more to the URL. Paypal would not have you enter any information on their home page! This is a masqueraded URL!

Social Media Phishing:

twitter2-phish-small-private-with-direct-message-v3

Phishing in social media is increasing since people are more social and trusting. Cybercriminals know that and are pushing messages containing threats that accounts will be blocked if users don’t verify information, or promising interesting content such as games, videos or pictures.

So, be aware and pay attention to URLs, layouts, and the types of information you are required to give. Be cautious and keep your antivirus, such as MyAntivirus, updated and running since they can detect scams like phishing and malware behind it.