Scam of the day – July 21, 2017 – Free Southwest Airlines ticket scam

It appears Delta isn’t the only airline having its 88th birthday a little early. It was just ten days ago that I warned you about a new scam involving Delta Airlines appearing on Facebook in which you are told that Delta is giving away free airline tickets to celebrate its 88th birthday.  The Facebook posting asks you to like and share the post as well as complete a survey in order to get your tickets.  However, there are no free tickets and if you complete the survey, you turn over information to a scammer who can use it to make you a victim of identity theft.

Now an identical scam is appearing on Facebook offering free tickets on Southwest Airlines to celebrate its 88th birthday.

Here is a reproduction of what appears on your Facebook page.

TIPS

A good starting point for recognizing that this is a scam is the fact that just as the birthday for Delta Airlines was incorrect in the posting by five years, Southwest Airlines only began in 1967, so it is a long way off from its 88th birthday.

Southwest Airlines does not offer free tickets in return for answering survey questions and the website referred to in the posting is not a legitimate website for Southwest Airlines.  The real website of the company is www.southwest.com

These types of scams entice people to share and like the posting in order to take advantage of Facebook’s algorithms that value the popularity of postings measured by likes and shares which then appear on the Facebook pages of more people.  Scammers are able to change the content of what is shared or liked to something entirely different through a technique called “farming.”  This is often done in order to send advertising or gather marketing information, but it also can be done to send malware infected content that can steal personal information from your computer and use it to make you a victim of identity theft.

When you see one of these “too good to be true” offers, the best course of action is to check with the company’s legitimate website where you will learn whether or not the offer is indeed legitimate.

July 19, 2017 – Steve Weisman’s latest column for the Saturday Evening Post

Here is a link to an article I wrote for the Saturday Evening Post about Facebook scams which continue to be a major problem.

Con Watch: How to Spot a Scam on Facebook

Scam of the day – June 3, 2017 – Hackers and scammers turning to social media

Recent reports by various security companies are indicating that state-sponsored Russian hackers, such as those that managed to plant fake news stories in an effort to disrupt the 2016 presidential election are increasingly turning to targeting social media accounts to download malware and spread disinformation.  This is a complex story and one worth knowing more about, however, as an individual, you are also susceptible to scams, ransomware and malware downloaded through clicking on links in social media postings.

We have long known that phishing emails and the more personally targeted spear phishing emails are how most malware gets downloaded on to the computers of individuals, companies and government agencies. However, as successful as phishing is in spreading malware, postings on social media, according to cybersecurity firm ZeroFOX are twice as successful in spreading malware.

And it makes sense.

In my May 5, 2017 Scam of the day I warned you about the risks of the Facebook “10 concerts, but there is one act that I haven’t seen live” quiz.   I highlighted the fact that scammers use social media to gather personal information that can later be used to tailor a message sent through social media such as Facebook or Twitter that you are more likely to trust and click on links in the messages that will download malware.

TIPS

Trust me, you can’t trust anyone.  Always be skeptical when you receive any kind of electronic communication that requires you to click on a link in the message.  Always confirm it before clicking on the link regardless of how trustworthy it may seem.  Further, you may well consider limiting the amount of personal information that you post on social media that can be used to tailor spear phishing emails to lure you a victim of identity theft or some other scam by appealing to something in which you are known to be interested.

Scam of the day – March 21, 2017 – European Commission acts to reduce social media based scams

Social media is an integral part of the lives of all of us and therefore it is often used by scammers to convey scams because people often put too much trust in postings and messages they receive through social media. Cognizant of this fact, the European Commission, led by French consumer authorities have given Facebook, Twitter and Google+ until April 16th to come up with proposals to address the growing number of scams using their social media.  If the proposals of these companies are deemed not satisfactory, the European Commission has indicated it would resort to enforcement actions.

TIPS

This is a positive step by the European Commission.  It starts with the recognition that scams are rampant on social media and then permits the various social media companies to have substantial input as to how they will constructively deal with this problem.  However, if the companies fail to act responsibly in this matter, the European Commission is ready to impose regulations.

As for all of us as consumers of social media services, the most important way to avoid scams on social media is to follow my motto, “trust me, you can’t trust anyone” and always be skeptical of any offer you receive on social media, particularly ones that require you to provide personal information.  In addition, never click on links or download attachments unless you have absolutely confirmed that they are legitimate.

Scam of the day – January 18, 2016 – Identity theft dangers of social media

Social media is as much a part of modern day life as a morning cup of coffee.  Facebook, Twitter, Instagram and many other social media sites are the primary way that many people communicate.  With more than 500 million people on Facebook alone, you can expect that identity thieves will be there taking advantage of the opportunities for identity theft presented by social media.  Although many social media scams involve luring people into clicking on links containing keystroke logging malware that will steal the information from your computer or smartphone and use it to make you a victim of identity theft, a major source of identity theft involving social media involves people posting too much personal information about themselves that can be manipulated by identity thieves for their illegal purposes.

Recently the Niagara County New York County Clerk Joseph A. Jastrzemski issued a warning about people putting photographs of their driver’s licenses on Facebook and other social media.  Too often, a young person who just got his or her driver’s license will post a photo of the license on social media without realizing that he or she is providing information, such as address and birth date than can be used to either contribute toward their becoming a victim of identity theft or for purposes of creating phony driver’s licenses which can be sold on the black market that can result in the victim of the identity theft having motor vehicle offenses that turn up on his or her  own driving record.

TIPS

When it comes to posting personal information on social media, often the less you provide the better. Don’t ever post driver’s licenses or other forms of personal identification.  Too much personal information in the hands of an identity thief can make his job easier to target you for spear phishing emails or text messages that use the information they have harvested from their intended victim’s social media to make their spear phishing communications seem legitimate.  This can result in the victims trusting the communications and downloading keystroke logging malware.

Don’t befriend everyone that asks.  Identity thieves will contact you with phony profiles to lure you into providing information they can use to make you a victim of identity theft.  Also, check out the privacy policy of the various social media sites you use.  You may be providing more information than you want to share with other people.

Scam of the day – September 27, 2015 – Facebook dislike button scam reappears

It has been more than three years since I first reported to you about the Facebook dislike button scam.  The scam involves a link on your wall informing you that Facebook now has a dislike button and you can take advantage of this new feature by clicking on a link.   This is a scam.  There is no dislike button on Facebook.  If you click on the link,  a number of things may happen, all of which are bad.  You may be prompted to provide personal information that will be used to make you a victim of identity theft or you may unwittingly be signing up for expensive monthly services on your smartphone or you may automatically download malware that gives the identity thieves access to the personal information in your computer or smartphone which identity thieves then use to make you a victim of identity theft.  Additionally, clicking on the link may give the scammer access to your profile and the ability to send out malware and spam to all of your friends and make it appear that the material is coming from you.

This scam is experiencing a resurgence because last week, Facebook CEO Mark Zuckerberg  spoke about Facebook considering a feature similar to a dislike button.  However, such a feature is a long way from becoming a reality.

TIP

There is no dislike button so if you see a link to one, you can be sure that it is a scam.  If you unwittingly have downloaded this, you should delete it from your Facebook account as soon as possible and report it to Facebook.

Scam of the day – December 13, 2013 – Paul Walker Facebook scams

You can always count on scammers and identity thieves to capitalize on every tragic event that captures the public’s imagination.  Whether it was the Newtown, Connecticut school shootings of a year ago to the recent tragic death of actor Paul Walker, scammers and identity thieves know how to take advantage of the public’s desire for more information and often lurid details.  Recently there have been a number of different Walker related scams turning up on Facebook which share a common basis.  They star with a post on your Facebook page, which often can appear to come from someone you know, when in fact, it is really from an identity thief who hacked into the Facebook account of a friend of yours.  The post provides a link to be able to view a video of the actual crash that had not appeared in the news.  Unfortunately, if you fall for this bait by clicking on the link, one of two things can happen, both of which are bad.  In one scam, you are led to a survey that you need to complete before you can view the video. In fact, there is no such video and by providing the survey information, you have enabled the scammer to get paid by advertisers for collecting completed surveys.  However, the problem is worse because by completing the survey, you have turned over valuable information to a scammer who can use that information to target you for phishing and identity theft threats.  Even worse though in another variation of this scam is when click on the link and unwittingly download a keystroke logging malware program that will steal all of the information from your computer including credit card numbers, passwords and bank account information and use that information to make you a victim of identity theft.

TIPS

Remember my mantra, “trust me, you can’t trust anyone.”  Merely because a post on your Facebook page appears to come from someone you trust, the posting could be merely from someone who has hacked your friend’s Facebook account.  Other times, the posting may indeed be from your real friend, however, that real friend may unwittingly be passing on tainted links that they have received.  In matters such as rare celebrity footage, you should limit your sources to only those that you know are legitimate and can trust such as www.tmz.com.  If it isn’t on TMZ, then it doesn’t really exist.  It is a scam.  Also, make sure that you keep your anti-malware software up to date with the latest security patches.

Scam of the day – April 16, 2013 – Boston Marathon attack scams

The horrible events at yesterday’s Boston Marathon where two bombs were detonated, killing and maiming innocent people is bad enough, but now scammers will be taking advantage of the curiosity of people about the event to make them victims of identity theft.  Every disaster, whether it is a natural disaster, such as Hurricane Katrina or the Japanese Tsunami or unnatural horrible events such as the shootings in Newtown Connecticut bring out the scammers who will be looking to take advantage of both the public’s curiosity and its generosity to turn them into victims of identity theft and scams.  You can expect emails and Facebook messages that promise links to unique video footage of the events that will come laden with keystroke logging malware that can steal all of the information contained in your computer that will, in turn, make you a victim of identity theft.  Even if the emails or Facebook messages appear to come from someone you know, you can never be confident that someone has not merely hacked into your friend’s email account or Facebook account.  Phony charities will also be springing up to help the victims and once again, you can be sure that the scammers will be setting up many of these charities to play on your heartstrings and steal your money.

TIPS

Never click on links or download attachments unless you are absolutely sure that they are legitimate and even then, your friends and family may be unwittingly passing on links and attachments tainted with malware.  If you have any doubts as to the source of an email or a Facebook message, contact that person at a telephone number that you know is accurate to inquire if indeed they actually contacted you as well as to check on the source of the material that they, in turn, are passing on to you.  When it comes to videos of newsworthy events, stick  with well established, legitimate websites.  You can’t trust the other material found on the Internet.  As for charities, never give to a charity unless you have confirmed both that it is a legitimate charity and that it does not use too much of its contributions for payment of salaries of executives within the charities and fund raising activities.  You can find this critical information at www.charitynavigator.org.

Scam of the day – September 5, 2012 – Latest Facebook scam

I recently received two, almost identical emails purportedly from the Chief Financial Officer of Facebook telling me that I had been lucky enough to win a free Apple MacBook Air as a part of an advertising promotion.  The emails each provided a link for me to click on to in order to complete a survey and receive my prize.  This is a scam.  If you receive one of these emails and click on the link you risk becoming a victim of identity theft through the downloading of a keystroke logging program that can steal the information from your computer or by providing the information requested in the “survey.”

TIPS

If you receive this type of email, delete it immediately.  In one email  that I received, the CFO was McKeighan Humberto.  In the other his name was Esposto Coy.  Both emails were very similar although not identical.  As with many scam emails, the grammar is sometimes poor.  In McKeighan Humberto’s email, I was told that I was “randomly elected” to receive the prize rather than “selected.”  If you are ever tempted to respond to such an email, do yourself a favor and contact the legitimate company, in this case Facebook, to determine whether or not the offer is a scam.  In every instance, you will learn that it is a scam.