Scam-detection tips for online communities

Saturday December 7 2013

Smartphone users have seen an explosion of

Smartphone users have seen an explosion of malware in the past year, dominated by schemes targeting Google's Android operating system, a survey showed Wednesday. 

With online communities firmly in their sights, hackers and criminals have resorted to a variety of techniques to launch social networking scams.

Internet security experts are increasingly getting concerned about the rapid growth of social networking scams — attacks on members of online communities like Facebook, MySpace, Flickr and LinkedIn.

When it comes to social networking scams, it’s just as easy for criminals to hack your profile page as it is for them to create their own phony profiles. All they need is your username and password.

Sometimes, hackers do this just for their own idea of having fun, scrawling graffiti over a user’s page. At other times, they install invisible code that can be used for malicious purposes. Or they simply use your ID as a platform for spamming.

Free giveaway

The easiest scam to fall for on Facebook is a promise of free giveaway. You’ll see everything from gift cards to free tablets, laptops and smartphones.

Who doesn’t like free, after all? But this comes with a catch. You have to give the “company” your information. Or you have to download a program to qualify.

This is a variation on classic survey scams, which trick users into giving out their information or downloading malicious files onto their computers.

With the information you enter, a scammer has a foothold into stealing your identity. Entering your cellphone number often leads to bogus premium charges appearing on your phone bill.

It’s true that some companies do give away free stuff through Facebook. When they do so, however, it’s promoted on that company’s official Facebook page. So you can always verify the information from their webpage.

If you check the company’s page or website and don’t see the giveaway, steer clear. Even if it’s real, only enter your personal information through the company’s official page. And only if it’s a company you trust. Scammers like to set up fake sites and pages that mimic the real thing.

Almost as exciting as free gadgets is seeing the latest viral video. However, many supposedly salacious celebrity “videos” posted on Facebook aren’t videos at all.

When you click to watch, you’ll be asked to update your video player first. You’ll even be provided with the updated program file. How helpful! Of course, the program is really a virus. Plus, it will automatically share the scam with all of your friends.

This one is easy to avoid. Type the video’s title into Google. You should see a link to it on YouTube. If the video isn’t on YouTube or a legitimate news site, it’s a scam.

Another common scam offers to change your Facebook profile look or layout. A famous version was the Facebook Black scam. It supposedly gave you a sleek, black color scheme.

These scams try to trick you into installing a rogue Facebook app. If you do, you give the scammer access to your personal data. It will also spam your friends to try and trick them.

Again, this scam is easy to avoid. Just remember that there’s no official, or unofficial, way to change your Facebook layout. A program can change the way you see it, but nothing will change the way other people see it.

Who viewed your profile? Knowing who views your profile is the Holy Grail of social media. Who doesn’t want to know who is cyber-stalking them?

That’s why this scam has been around almost as long as Facebook. No matter how often Facebook says it isn’t possible, people still want to believe it is.

So they gladly download apps or visit websites that turn out to be malicious. And they give full access of their Facebook profile to strangers.

The bottom line is, if something looks like a scam, then it probably is.

Sam Wambugu is a monitoring and evaluation specialist. [email protected]