The use of social media has exploded, with 255 million active users on Twitter and more than 1.2 billon on Facebook. Unfortunately, so too have the scams and attacks that target social media. Criminals are taking advantage of the increasing number of users and the enormous amount of information exchanged.
1. Information about special events (such as the Olympics), or tragedies (such as the missing Malaysian Airliner) could be used by those with malicious intent to conduct social engineering scam, particularly on social media. For example, many individuals are tempted to click on a video they see on their "newsfeed." Unfortunately, these videos may lead to a malicious website designed to infect your computer.
2. Typical scams feature notices of items that can be "free" for you or available at a very low price. If you notice an online advertisement about the newest tech gadget, at a ridiculously low cost, it is most likely a scam to trap users into clicking on the ad. Sometimes a refundable deposit is requested, other times, direct access to your Facebook account requested. These are scams intending to victimize you and your friends.
Fake organizations claiming to be charities have mushroomed on social media sites. They often post heart-wrenching images, such as a picture of babies with serious diseases or a fire that destroyed an entire community - basically anything that will appeal to people's emotions. These posts almost always include a call-to-action, such as pleas for donations. Avoid being a victim. Investigate the legitimacy of these organizations before contributing.
Exercising caution is the best defense - enjoy social media but be alert for fraudulent activities!
Center for Internet Security Primer: Tips for Avoiding Scams Following Major Events:
State of Washington, Department of Financial Institutions Social Networking Investment Scams:
Norton: Top 5 Social Media Scams http://us.norton.com/yoursecurityresource/detail.jsp?aid=social_media_scams
Panda Security: Scams on Social Networks
The information provided in the Monthly Security Tips Newsletter is intended to increase the security awareness of an organization's end users and to help them behave in a more secure manner within their work environment. While some of the tips may relate to maintaining a home computer, the increased awareness is intended to help improve the organization's overall cyber security posture. This is especially critical if employees access their work network from their home computer. Organizations have permission and are encouraged to brand and redistribute this newsletter in whole for educational, non-commercial purposes.
Disclaimer: These links are provided because they have information that may be useful. The Center for Internet Security (CIS) does not warrant the accuracy of any information contained in the links and neither endorses nor intends to promote the advertising of the resources listed herein. The opinions and statements contained in such resources are those of the author(s) and do not necessarily represent the opinions of CIS.