Over the past few weeks, we’ve been helping people protect themselves, their colleagues, friends and family from various types of online scams, by showing you how to spot and avoid scams.
Many people, for whatever reason, choose not to log into social media while on a work computer or device. In some cases, access is intentionally directly blocked by the network.
But, since many people are now working from home or even working on their own devices, the problem of social media scams is on the rise. Giving a potential hacker access to your own personal information is bad enough – but potentially giving them access to an organisational network can be even more troublesome, for the user and the organisation.
Some phishing attempts are made via social media links and posts. For example, in some cases, a hacker or scammer will pretend to be a particular organisation or company, put up a page, and make it look official, say by using official logos and graphics stolen from the original account. With this fake account, they can add a link to a fake website that’s designed to steal details, or even send messages to users directly. While Facebook and Twitter can and do crack down on these kinds of scams, it’s often delayed, meaning that by the time these pages or posts are removed, the scammers have had chance to harvest the data of thousands of unsuspecting people looking for help and support online, or infect their computers and devices with malware.
Recently, there’s been a surge in a different type of scam – one that’s designed to steal personal details directly through Facebook rather than directing the user though an external site. In this kind of scam, the hackers or scammers will set up a page as previously, but this time they will use Facebook’s app interface to create a form where people will “enter a competition” or “sign up for a free trial”.
Everyone likes the idea of getting something cheaply, for free, or the chance of winning something valuable. Fake pages disguised as genuine organisations like Haven holidays or Ford motors, offering “like and share for a chance to win a car” or “fill in your details here for the chance to win a holiday” or “retweet and we will donate money to charity” – they’re designed to either spread themselves further or harvest personal information which is then either sold for profit for marketing purposes or used to direct further scams.
“Like-farming” is also another problem – to entice users to like or share a page – which, after it has a specific number of likes or shares, is then altered to something completely different and sold on, again for marketing purposes. If you’ve ever looked through your Facebook “liked” pages and thought “I don’t remember liking that” – there’s a big chance that you’ve been a target of this kind of scam!
In this case, as in many others, the golden rule applies:
