As much as the big social media platforms – such as Facebook, Twitter and Instagram – try to make themselves safe for all people to use, the reality is that a growing number of online threats are now wreaking havoc across these platforms. And many are hiding in plain sight, relying on the very nature of “social” media to help themselves spread online. By understanding how these social media scams work, you’ll be in a much better position to prevent yourself from falling prey to malicious cybercriminals.
Phishing scams and identity theft
Perhaps the most pernicious type of threat involves a phishing scam of one sort or another. In a typical phishing scam on social media, a bad actor convinces you to click on a link or download a file of some kind. This bad actor will try to disguise his or her true identity, usually by impersonating the social media account of someone you might recognize or trust. However, as soon as you’ve clicked on the link or downloaded the file, your computer has been infected. And if you have entered personal information onto a fake website as the result of clicking on a malicious link, you might soon be dealing with identity theft issues as the bad actor uses your personal information to send out fake social media posts. Just ask Twitter CEO Jack Dorsey, who woke up one day to find his (hacked) Twitter account spewing out racial slurs and anti-Semitic messages.
Typically, ransomware attacks on social media are carried out against high-profile and deep-pocketed individuals. Cyber criminals, for example, might hack your phone in order to get access to your photos. If you happen to have a few embarrassing photos from social media lying around, these might become the target of a ransomware scheme: “Pay me a ransom, or I release these photos into the wild.” If you fail to pay the ransom, your computer or phone might get locked or wiped. Those with the most reason to be concerned are wealthy businessmen (such as Amazon CEO Jeff Bezos, who famously had NSFW photos and compromising text messages stolen from his iPhone) and Hollywood celebrities.
Social engineering scams
Lately, social engineering scams have been making headlines, mostly because they have proven very effective at bilking corporations out of millions of dollars. In essence, these scams work because the cyber criminals have taken a lot of time to figure out your social network, and how you relate to the people in it. By studying LinkedIn, for example, they might be able to find out the names of your colleagues, managers and bosses. Thus, when you receive a message that appears to come from a VIP in your corporation, you have already been “primed” to trust this message. And who knows what you might be convinced to do? In some cases, employees have wired millions of dollars into foreign bank accounts because they have been told to do so by someone impersonating a top corporate executive.
The evolving universe of online threats
Online threats continue to mutate and evolve. Many of them latch onto current trends in the online world, and use them for elaborate social media scams. For example, when the whole Bitcoin and cryptocurrency fad first reared its head, all sorts of Bitcoin scams proliferated. (One famous scam involves a fake Elon Musk Twitter account that promises to hand out crypto to people who first send him a small amount of cash.) In February 2020, Elon Musk even tweeted, “The crypto scam level on Twitter is reaching new levels. This is not cool.”
So be aware of what’s trending on social media so that you can be prepared. Also, know that the bad guys in black hats are constantly shifting their tactics. A little preparation can go a long way in protecting your digital presence online.