An increasing number of fraudsters are stealing private information through social media sites like Facebook.
Scams directed at social media sites, such as Facebook, have doubled in the past year, according to Norton Security.
Sharing information via these sites is the number one way criminals can steal personal information which can lead to identity theft.
There has also been an increase of 58% in the past year in scams which target smartphones, the Norton 2013 Internet Security Threat Report shows.
Social media scams
The most common social media scam, which made up 53% of these scams in 2012, targetted people by offering a fake gift, such as a £100 gift voucher.
Victims are encouraged to join a fake group or event with the incentive of a free gift card and at the same time give away personal information. These scams also work by using fake websites which can lead to viruses being downloaded onto a PC or a smartphone.
Often the free incentive is linked to something the person has ‘liked’ or become a fan of – such as a football team, fashion brand or celebrity. This means they’re even more likely to click on it and hand over information to the scammer.
Manual sharing, where someone reposts something to their own site, on their Facebook wall or Pinterest board for example, is the second most common and made up 18% of scams.
Fraudsters are also using fake ‘like’ buttons on Facebook and copycat plug-in links to trigger malware attacks which then lead to information being stolen.
Although Facebook is the most common vehicle for scam attacks, Twitter, Pinterest and Tumblr have also been targetted.
There has also been a 42% rise in targetted attacks whereby a fraudster finds out personal information such as address, job or interests before sending out an attack.
Mobile phone scams
As mobile phones become more advanced, criminals are finding new ways of stealing the information on them. Last year there was a 58% rise in mobile malware attacks. 32% of all viruses were able to steal information held on a smartphone.
Smartphones have become “powerful computers” and because they’re tied to a bank account they are very attractive devices to criminals.
Privacy leaks, which enable scammers to obtain private information and the user’s location, are one of the most common types of mobile malware.
The second is premium number fraud which works by a company sending out text messages announcing, for example, a winning prize draw ticket. The victim then replies or calls a premium number to claim their ‘prize’ but they just end up giving away private information and losing money.
How can I protect myself?
Criminals are now targeting people through social media because it’s an easy way to obtain personal information. If you receive a message or an invite through Facebook, for example, you’re more likely to trust it if it’s from someone you know. But scammers know this and that’s why they’re using social media to con people out of millions of pounds.
The experts at Norton say they expect social media to be targetted even more in 2013, and especially when it comes to teenagers and young adults who may not be able to recognise threats. This is particularly worrying given that it's now more common for social media sites to be linked with financial accounts.
[SPOTLIGHT]However, although these scams are on the rise, it doesn’t mean you have to be a victim.
If you receive an email or link you think is false on Facebook you can report it by emailing: phish@fb.com. Twitter also lists common scams on the feeds @safety and @spam.
Our article - Don't be a victim of ID fraud – is full of information on how to avoid identity fraud but here I’ve listed three of the most important things you need to be aware of.
Sharing information
Putting any kind of personal information on a social media site means everyone following you can find out about it. This is fine if it’s just your closest friends, but when it’s people you’ve never met before it can lead to problems.
Make sure you regularly check your personal settings, especially on Facebook, so that your information and photos are not being viewed be scam artists.
This is harder to do on sites such as Twitter so be careful not to post anything which will lead to your identity being stolen. Adding a location onto tweets, for example, will show people when you’re away from your house.
To make sure your Facebook timeline is water-tight check out our article - Facebook Timeline poses new dangers.
Risky links
If something seems too good to be true then it probably is.
Links offering a chance to win tickets to a sold-out gig, for example, are almost always going to be spam which will either direct you to a copycat website or start downloading malware to your phone or PC.
Only ever accept invites from people you know or follow links from a trusted source. If the company looks dodgy you can always Google it and look for an address and phone number to find out if it exists.
Protect your passwords
This rule is not specific to social media and should be followed for all your accounts.
Don’t use the same password for every account you have and make sure they’re complicated enough so someone else won’t guess them - but also not too complicated that you forget.
Fraudsters often target victims with surveys and use the answers to guess the passwords to their email or bank accounts. Therefore avoid using familiar words which can identify you.