Things we do on the Internet—exploring vacation locations, posting personal experiences on micro blogging sites or seeing what friends are upto on social media sites such as Facebook, Instagram and Snapchat—leaves a trail of footsteps about our whereabouts, finances and relationships. With cybercrime on the rise and nearly one million new security threats released globally every single day (viruses, hacks or identify threats), all of this information is at risk of being exposed.
Just the way we ensure the safety of our priced possessions, such as our homes and automobiles by adopting appropriate security measures, it’s time for netizens to also cover up their digital footprints and understand the repercussions of unsafe online behaviour. It’s just like giving away your house keys to strangers and expecting no robbery to take place. Imagine a scenario of sharing social media profile password openly —hacks and scams will be a given. Cybercriminals are increasingly targeting netizens in India through social media scam and social media profiles are becoming an individual’s virtual identity.
If you have used a social network in the past decade, chances are you have seen one of the following offers appear in your news feeds and timelines:
- Free concert tickets, lottery tickets
- Unbelievable news about celebrities (sex tapes, death)
- Significant world news (specifically, natural disasters)
Cybercriminals are known to quickly adopt tactics and leverage any social networking platform that becomes popular. At Symantec, the makers of Norton, we identified that the big shift in social media scams in 2014 was the uptick in manual sharing scams. This is where people voluntarily share enticing videos, stories, pictures, and offers in order to gain access to a sensational video or enter a lottery without realising that these could include links to malicious or affiliate sites.
While proven methods of duping consumers still hold good, cybercriminals continue to experiment new attack methods across mobile devices ensuring more reach with less effort. According to Symantec’s Internet Security Threat Report Volume 20, in 2014, India’s growing social media population proved to be a ready base for cybercriminals last year, making it the second most targeted country in the world for social media scams with over 80% of these being carried out through manual sharing as compared to 70% globally. Social media scams can provide cybercriminals with quick cash and they increasingly take advantage of consumers’ willingness to click on and re-post content shared by their peers. Last year scammers took advantage of the death of Robin Williams by sharing what was supposed to be his goodbye video. Users were told they had to share the video before they could view it, and were instructed to fill out surveys, download software, or were redirected to a fake news website. There was no video.
With manual sharing there’s no hacking or jacking necessary— people and their networks do all the work for the criminals. Other social media scams require a bit more work on the part of the criminal.
The highly popular picture-sharing platform Instagram, now has more monthly active users than Twitter, and is also being exploited by cybercriminals. Among the scams seen on Instagram in 2014 were those where criminals tried to monetise prepopulated accounts and mimic offers employed by legitimate corporate users. For example, in one scam, fake accounts are created, purporting to be lottery winners who are sharing their winnings with anyone who will become a follower.
There are steps that netizens can take, to defend against these attacks. For example, they can use a comprehensive Internet security solution that includes capabilities for maximum protection against malicious code and other threats. They can keep their system, program, and virus definitions up-to-date; be wary of scareware tactics; use an effective password policy; even when receiving email attachments from trusted users, be suspicious. Most important, limit the amount of personal information you make publicly available on the Internet (in particular via social networks).
The writer is country manager, India, Norton (consumer brand of Symantec)