Scam of the day – September 11, 2017 – Social media tech support scams

As with any technology that we use, there usually comes a time when you need some tech support for large or small problems that may occur. Unfortunately, for much social media, you will not readily find a telephone number to call and speak to a real person about your problem. However when that happens, unfortunately many people turn to the Internet to search for a tech support telephone number and end up getting a telephone number for a scammer who will induce the victim to make a payment, often by iTunes gift cards, which are particularly popular with scammers these days.  Other times the scammers trick their victims into providing personal information that can be used to make the person a victim of identity theft.

TIPS

Among the social media services that do not provide tech support by phone are Facebook, Instagram, Snapchat and Twitter.  Here are links to tech support for those social media services:

Facebook:  https://www.facebook.com/help/

Instagram: https://help.instagram.com/

Snapchat: https://support.snapchat.com/en-US

Twitter: https://support.twitter.com/

Scam of the day – August 13, 2017 – Phony online coupon scam

Everyone loves coupons and like many things in our lives, coupons which used to be found commonly in newspapers and magazines have migrated online.  As I have warned you many times in the past, Facebook has become a hot bed for phony online coupons.  Recently the Better Business Bureau of Eastern North Carolina issued a warning about  a number of phony coupons appearing on Facebook including coupons for Target, Lowe’s and Bed Bath and Beyond.  A copy of a phony Bed Bath and Beyond $75 coupon is reproduced below.   Don’t click on it.  If you click on it, you are prompted to provide information to a survey in order to receive your coupon, but there is no coupon and the information you provide may be used to make you a victim of identity theft.

Bed Bath & Beyond warns customers about Mother’s Day coupon scam

TIPS

No company could cover the cost of giving away vast numbers of $75 coupons although sometimes participants in legitimate surveys are promised a chance to win a coupon in a drawing.  Facebook is a favorite venue for scammers perpetrating this type of scam because often unwary victims will unwittingly share the scam with their friends.  One way to determine if a coupon is legitimate is to look for the expiration date found on most coupons.  Most phony coupons do not carry an expiration date. In addition, if the coupon appears too good to be true, it usually is a scam. The best place to go to find out if a coupon is legitimate is to the company’s website to see what real coupons are being offered.  For Bed Bath and Beyond you can also call their customer service number of 1-800- GO-BEYOND to confirm the legitimacy of any their coupons.

Scam of the day – July 21, 2017 – Free Southwest Airlines ticket scam

It appears Delta isn’t the only airline having its 88th birthday a little early. It was just ten days ago that I warned you about a new scam involving Delta Airlines appearing on Facebook in which you are told that Delta is giving away free airline tickets to celebrate its 88th birthday.  The Facebook posting asks you to like and share the post as well as complete a survey in order to get your tickets.  However, there are no free tickets and if you complete the survey, you turn over information to a scammer who can use it to make you a victim of identity theft.

Now an identical scam is appearing on Facebook offering free tickets on Southwest Airlines to celebrate its 88th birthday.

Here is a reproduction of what appears on your Facebook page.

TIPS

A good starting point for recognizing that this is a scam is the fact that just as the birthday for Delta Airlines was incorrect in the posting by five years, Southwest Airlines only began in 1967, so it is a long way off from its 88th birthday.

Southwest Airlines does not offer free tickets in return for answering survey questions and the website referred to in the posting is not a legitimate website for Southwest Airlines.  The real website of the company is www.southwest.com

These types of scams entice people to share and like the posting in order to take advantage of Facebook’s algorithms that value the popularity of postings measured by likes and shares which then appear on the Facebook pages of more people.  Scammers are able to change the content of what is shared or liked to something entirely different through a technique called “farming.”  This is often done in order to send advertising or gather marketing information, but it also can be done to send malware infected content that can steal personal information from your computer and use it to make you a victim of identity theft.

When you see one of these “too good to be true” offers, the best course of action is to check with the company’s legitimate website where you will learn whether or not the offer is indeed legitimate.

July 19, 2017 – Steve Weisman’s latest column for the Saturday Evening Post

Here is a link to an article I wrote for the Saturday Evening Post about Facebook scams which continue to be a major problem.

Con Watch: How to Spot a Scam on Facebook

Scam of the day – June 3, 2017 – Hackers and scammers turning to social media

Recent reports by various security companies are indicating that state-sponsored Russian hackers, such as those that managed to plant fake news stories in an effort to disrupt the 2016 presidential election are increasingly turning to targeting social media accounts to download malware and spread disinformation.  This is a complex story and one worth knowing more about, however, as an individual, you are also susceptible to scams, ransomware and malware downloaded through clicking on links in social media postings.

We have long known that phishing emails and the more personally targeted spear phishing emails are how most malware gets downloaded on to the computers of individuals, companies and government agencies. However, as successful as phishing is in spreading malware, postings on social media, according to cybersecurity firm ZeroFOX are twice as successful in spreading malware.

And it makes sense.

In my May 5, 2017 Scam of the day I warned you about the risks of the Facebook “10 concerts, but there is one act that I haven’t seen live” quiz.   I highlighted the fact that scammers use social media to gather personal information that can later be used to tailor a message sent through social media such as Facebook or Twitter that you are more likely to trust and click on links in the messages that will download malware.

TIPS

Trust me, you can’t trust anyone.  Always be skeptical when you receive any kind of electronic communication that requires you to click on a link in the message.  Always confirm it before clicking on the link regardless of how trustworthy it may seem.  Further, you may well consider limiting the amount of personal information that you post on social media that can be used to tailor spear phishing emails to lure you a victim of identity theft or some other scam by appealing to something in which you are known to be interested.

Scam of the day – March 21, 2017 – European Commission acts to reduce social media based scams

Social media is an integral part of the lives of all of us and therefore it is often used by scammers to convey scams because people often put too much trust in postings and messages they receive through social media. Cognizant of this fact, the European Commission, led by French consumer authorities have given Facebook, Twitter and Google+ until April 16th to come up with proposals to address the growing number of scams using their social media.  If the proposals of these companies are deemed not satisfactory, the European Commission has indicated it would resort to enforcement actions.

TIPS

This is a positive step by the European Commission.  It starts with the recognition that scams are rampant on social media and then permits the various social media companies to have substantial input as to how they will constructively deal with this problem.  However, if the companies fail to act responsibly in this matter, the European Commission is ready to impose regulations.

As for all of us as consumers of social media services, the most important way to avoid scams on social media is to follow my motto, “trust me, you can’t trust anyone” and always be skeptical of any offer you receive on social media, particularly ones that require you to provide personal information.  In addition, never click on links or download attachments unless you have absolutely confirmed that they are legitimate.

Scam of the day – January 18, 2016 – Identity theft dangers of social media

Social media is as much a part of modern day life as a morning cup of coffee.  Facebook, Twitter, Instagram and many other social media sites are the primary way that many people communicate.  With more than 500 million people on Facebook alone, you can expect that identity thieves will be there taking advantage of the opportunities for identity theft presented by social media.  Although many social media scams involve luring people into clicking on links containing keystroke logging malware that will steal the information from your computer or smartphone and use it to make you a victim of identity theft, a major source of identity theft involving social media involves people posting too much personal information about themselves that can be manipulated by identity thieves for their illegal purposes.

Recently the Niagara County New York County Clerk Joseph A. Jastrzemski issued a warning about people putting photographs of their driver’s licenses on Facebook and other social media.  Too often, a young person who just got his or her driver’s license will post a photo of the license on social media without realizing that he or she is providing information, such as address and birth date than can be used to either contribute toward their becoming a victim of identity theft or for purposes of creating phony driver’s licenses which can be sold on the black market that can result in the victim of the identity theft having motor vehicle offenses that turn up on his or her  own driving record.

TIPS

When it comes to posting personal information on social media, often the less you provide the better. Don’t ever post driver’s licenses or other forms of personal identification.  Too much personal information in the hands of an identity thief can make his job easier to target you for spear phishing emails or text messages that use the information they have harvested from their intended victim’s social media to make their spear phishing communications seem legitimate.  This can result in the victims trusting the communications and downloading keystroke logging malware.

Don’t befriend everyone that asks.  Identity thieves will contact you with phony profiles to lure you into providing information they can use to make you a victim of identity theft.  Also, check out the privacy policy of the various social media sites you use.  You may be providing more information than you want to share with other people.

Scam of the day – September 27, 2015 – Facebook dislike button scam reappears

It has been more than three years since I first reported to you about the Facebook dislike button scam.  The scam involves a link on your wall informing you that Facebook now has a dislike button and you can take advantage of this new feature by clicking on a link.   This is a scam.  There is no dislike button on Facebook.  If you click on the link,  a number of things may happen, all of which are bad.  You may be prompted to provide personal information that will be used to make you a victim of identity theft or you may unwittingly be signing up for expensive monthly services on your smartphone or you may automatically download malware that gives the identity thieves access to the personal information in your computer or smartphone which identity thieves then use to make you a victim of identity theft.  Additionally, clicking on the link may give the scammer access to your profile and the ability to send out malware and spam to all of your friends and make it appear that the material is coming from you.

This scam is experiencing a resurgence because last week, Facebook CEO Mark Zuckerberg  spoke about Facebook considering a feature similar to a dislike button.  However, such a feature is a long way from becoming a reality.

TIP

There is no dislike button so if you see a link to one, you can be sure that it is a scam.  If you unwittingly have downloaded this, you should delete it from your Facebook account as soon as possible and report it to Facebook.

Scam of the day – December 13, 2013 – Paul Walker Facebook scams

You can always count on scammers and identity thieves to capitalize on every tragic event that captures the public’s imagination.  Whether it was the Newtown, Connecticut school shootings of a year ago to the recent tragic death of actor Paul Walker, scammers and identity thieves know how to take advantage of the public’s desire for more information and often lurid details.  Recently there have been a number of different Walker related scams turning up on Facebook which share a common basis.  They star with a post on your Facebook page, which often can appear to come from someone you know, when in fact, it is really from an identity thief who hacked into the Facebook account of a friend of yours.  The post provides a link to be able to view a video of the actual crash that had not appeared in the news.  Unfortunately, if you fall for this bait by clicking on the link, one of two things can happen, both of which are bad.  In one scam, you are led to a survey that you need to complete before you can view the video. In fact, there is no such video and by providing the survey information, you have enabled the scammer to get paid by advertisers for collecting completed surveys.  However, the problem is worse because by completing the survey, you have turned over valuable information to a scammer who can use that information to target you for phishing and identity theft threats.  Even worse though in another variation of this scam is when click on the link and unwittingly download a keystroke logging malware program that will steal all of the information from your computer including credit card numbers, passwords and bank account information and use that information to make you a victim of identity theft.

TIPS

Remember my mantra, “trust me, you can’t trust anyone.”  Merely because a post on your Facebook page appears to come from someone you trust, the posting could be merely from someone who has hacked your friend’s Facebook account.  Other times, the posting may indeed be from your real friend, however, that real friend may unwittingly be passing on tainted links that they have received.  In matters such as rare celebrity footage, you should limit your sources to only those that you know are legitimate and can trust such as www.tmz.com.  If it isn’t on TMZ, then it doesn’t really exist.  It is a scam.  Also, make sure that you keep your anti-malware software up to date with the latest security patches.