Subscribe for our latest security news and tips and get your 15% discount!
Social Media Threat
Learn how to spot the biggest scams pluguing social networks
People’s lives are becoming more intertwined due to online interactions over time. While the Internet provides several options for users to create and maintain relationships, social media sites make it even easier to do so. Unfortunately, time spent on social media sites opens windows of opportunity for cybercriminals and online threats.
According to the Symantec Intelligence Report 2014, there are 5 most popular social media attacks and the most popular is fake offering.
"Social networks have a trust model built in, to trust posts from their friends. This trust model gets exploited by attackers, and it's difficult to distinguish between a post from a friend and a post from an attack," said Nishant Doshi, architect for Symantec's security response group that deals with browsers. He explained that the attacks are successful because they go viral, just like your latest favorite Nyan Cat video. They start small and spread fast.
Nishant Doshi told that attacks can spread quickly because users are often sent links and offers to scams from people they trust. Learn how to spot five of the biggest scams plaguing social networks.
#1 Manual Sharing Scams
These scams have been around for years. They rely on victims to actually do the hard work of sharing the scam by presenting them with intriguing videos, fake offers or messages that they share with their friends.
#2 Fake Apps
Fake apps have risen overall in 2013. The apps appear to be legitimate but often they contain a malicious payload. Increasingly, the phony apps are designed for mobile devices, and masquerade as rereleased free versions of popular legitimate apps.
Using fake "Like" buttons, attackers trick users into clicking website buttons that install malware and may post updates on a user’s newsfeed, spreading the attack. Security vendors have gotten better at spotting the malicious code that enables the attack to work.
#4 Fake Plug-In Scams
Users are increasingly being tricked into downloading fake browser extensions onto their computers. Rogue browser extensions can pose like legitimate extensions but when installed they steal data, including passwords and other sensitive information from the infected system. Plug-in scams can be spotted if they offer to provide additional features on the social network.
#5 Fake Offering
Fake offer attacks use free gift cards and other offers to trick users of social networks to join a fake event or group. The scam has increased significantly in recent months and currently makes up 82 percent of all social media attacks in 2013. If the offer requires the user to share credentials or send a text to a phone number, it’s a likely sign that the offer is too good to be true, said Symantec's Haley.
Often these offers can come from a friend, the friend's account gets hijacked and it's their friend suggesting that they click on a link; not just some random stranger or pop-up.
#6 Attacks via Facebook chat
Facebook’s built-in chat feature makes it easier for users and cybercriminals alike to strike up conversations with friends and to communicate with their contacts in real time. In previous attacks, chat messages were used to spread malware and to promote phishing applications
#7 Spammed Tweets
Despite the character limit in Twitter, cybercriminals have found a way to actually use this limitation to their advantage by creating short but compelling posts with links. Examples include promotions for free vouchers, job advertisement posts and testimonials for effective weight loss products. A Twitter kit was even created to make spamming even easier for cybercriminals to do.
Unfortunately the only weapon against such scam in social networks is your experience and knowledge. Of course, we are happy to cover your safety with Safe Browsing from MacKeeper.