Dec 20, 2013 (Fri): It’s now the norm for people to offer best wishes for Christmas over Facebook and Twitter. As we get ready for the onslaught of Christmas-themed status updates, we should also prepare for a barrage of scams on social networks in the coming month too, Kaspersky Lab experts have warned.
In the lead up to this festive period, Kaspersky Lab has seen scammers trying to interest Facebook users with pages on PlayStation 4 offers, and on new Apple iPhones and iPads. There were even pages about an iPhone 8, which doesn’t even exist. Despite the unofficial-looking posts, many are falling for them and lending credence to the scam campaigns. One supposed Christmas competition offering PlayStation 4 consoles had received over 776 shares.
Here are some examples of Facebook scams to steer clear of this Christmas:
Whilst PC users are in greater danger from infection, mobile users, who will be messaging like mad over the Christmas period, are increasingly being targeted. Given the number of shiny new phones and tablets on offer this season, from the iPad Air to the updated Google Nexus lineup, cyber criminals will be frothing at the bit to exploit the new batch of mobile users connecting on Facebook and Twitter.
To keep your social profile and your personal data safe over the Christmas period, here’s some tips:
- Don’t give away too much. It’s nice to share at Christmas, but don’t share too much personal information. If you do lose control of your social media account to a malicious hacker, it could mean more than just having your privacy infringed upon or messages being posted on your behalf. Hackers can use your information to potentially breach other accounts, such as online banking services. So don’t give away too much factual information about yourself, such as your address, and certainly don’t share banking details in messages, as they might not stay private forever.
- Don’t click on untrusted links. Scammers use numerous techniques to get people to give away their Facebook logins. Clicking on an email link entitled “Facebook Christmas Specials”, for example, could open a fake Facebook portal in which users are required to enter their login details. As the interface appears identical to the real social media platform, users don’t realise what’s happening. Once the victims have entered their details, the hacker has their passwords. As most people tend to use the same password for services such as eBay, Amazon and webmail, this can trigger a dangerous chain reaction. You should, therefore, never click links that don’t come from trusted parties. Even if a link has been posted from a friend, still be wary – they may have been hacked.
- Use two-factor authentication. Facebook and Twitter are becoming increasingly security-conscious. Both have introduced two-factor authentication, which means the user can give another credential, such as a unique number sent to them via text or an application, when logging in. So even if a hacker does get hold of your username and password, they won’t be able to login as they won’t have that extra credential.
- Get the right security. Various kinds of malware sniff around your system for social media passwords, such as the innocent-sounding Pony malicious software. Others, like Kelihos, are spread across Facebook and attempt to steal other personal data. Outside of taking precautions, such as not clicking on links from untrusted parties, users need to invest in a decent anti-virus solution that knows about the most prevalent and newest threats. A properly configured firewall is a must too.