Social Media is going through an unprecedented explosion in popularity right now. Don't believe me? See for yourself. There are no signs this trend is going to slow anytime soon.
But this huge surge in popularity also makes the various social media networks a prime target for scams. While these social networks do a great job of proactively fighting the onslaught of spammers and scammers, occasionally a well-timed attack can slip through the cracks.
Just in the last couple of weeks, both Twitter and Facebook have both had several accounts compromised by viral phishing scams. In general terms, a phishing scam is any attempt to capture or steal personal information from an unknowing victim. In the social media world, this often is the process of trying to capture the username and password of a given social network account.
Most of us are familiar with getting spam messages or half-hearted scamming attempts in our e-mail or on our social media accounts. However, what makes these scams particularly effective is that they often times will be sent by someone that you already know. Once they obtain the login information of just a few initial accounts, scammers will then send out more messages to everyone connected to the compromised accounts. This means even just a couple accounts can quickly snowball into thousands.
Of course, the messages are specifically designed to pull at your curiosity. Here are the sample messages from the most recent attacks:
Twitter:
rofl this you on here? http://videos.twitter.secure-logins01.com
Facebook:
lmao! i cant stop laughing at you in this pic, when did you do this? http://tllg.net/xyzxyz
As you can see, there are a lot of similarities between these two different scams. First, they both reference the fact that some funny has happened in either a picture or a video. This is a very strong and effective pull for the far majority of people to want to know more. Also, both of the messages contain all lower-case lettering, which is common in unformal chatter between online friends.
And the scam has other things working in it's favor. In the example of Twitter given above, the link took you onto an extremely well replicated version of the log-in page. Because Twitter has an open API (meaning it easily allows third parties to develop applications), there are many legitimate and trusted sites which do have you log-in when using them. So many Twitter users don't second guess having to enter their log-in credentials.
Lastly, if you aren't a scammer or spammer yourself, consider following @WiseBread and @ManVsDebt on Twitter! You can find even more to follow on WiseBread's list of Top Personal Finance Blogs.
Disclaimer: The links and mentions on this site may be affiliate links. But they do not affect the actual opinions and recommendations of the authors.
Wise Bread is a participant in the Amazon Services LLC Associates Program, an affiliate advertising program designed to provide a means for sites to earn advertising fees by advertising and linking to amazon.com.
great points !
I think an obvious piece you should keep in mind on these social sites is to keep your personal information general. ie - don't include your house number, the city you live in is close enough. Be careful about sharing your phone number as well and above all - NEVER give out your social security number under ANY circumstance.
PS - lmao at this picture i posted of you on my blog, click on my name to see the whole thing
J/K ! !
Don't post anything you wouldn't want your worst enemy seeing. If something can be used against you, leave it out. Keep personal info general.
I love Phish! I don't know why every keeps getting so down on them. People need to relax and stop criticizing people's choice of music.
Free the weed!