The MH17 'tribute' and other social media scams to beware of

There has been outrage after scammers posted links on Facebook purporting to show the moment Malaysian Airlines flight MH17 crashed. Even worse, the links have been posted on tribute pages to the victims also set up by scammers. The links actually direct people to sites where their computer will be infected with malicious downloads.

Scams directed at social media sites, such as Facebook, have massively increased in the past few years.

As well as your computer becoming infected, sharing information via these sites is also the number one way criminals can steal personal information which can lead to identity theft.

[Flight MH17 latest]

Social media scams

The most common social media scam targets people by offering a fake gift, such as a £100 gift voucher.

Victims are encouraged to join a fake group or event with the incentive of a free gift card and at the same time give away personal information. These scams also work by using fake websites which can lead to viruses being downloaded onto a PC or a smartphone.

Often the free incentive is linked to something the person has ‘liked’ or become a fan of – such as a football team, fashion brand or celebrity. This means they’re even more likely to click on it and hand over information to the scammer.

Manual sharing, where someone reposts something to their own site, on their Facebook wall or Pinterest board for example, is the second most common scam.

Fraudsters are also using fake ‘like’ buttons on Facebook and copycat plug-in links to trigger malware attacks which then lead to information being stolen.

Although Facebook is the most common vehicle for scam attacks, Twitter, Pinterest and Tumblr have also been targetted.

There has also been a rise in targetted attacks whereby a fraudster finds out personal information such as address, job or interests before sending out an attack.

Mobile phone scams

As mobile phones become more advanced, criminals are finding new ways of stealing the information on them.

Smartphones have become “powerful computers” and because they’re tied to a bank account they are very attractive devices to criminals.

Privacy leaks, which enable scammers to obtain private information and the user’s location, are one of the most common types of mobile malware.

The second is premium number fraud which works by a company sending out text messages announcing, for example, a winning prize draw ticket. The victim then replies or calls a premium number to claim their ‘prize’ but they just end up giving away private information and losing money.

How can I protect myself?

Criminals are now targeting people through social media because it’s an easy way to obtain personal information. If you receive a message or an invite through Facebook, for example, you’re more likely to trust it if it’s from someone you know. But scammers know this and that’s why they’re using social media to con people out of millions of pounds.

However, although these scams are on the rise, it doesn’t mean you have to be a victim.

If you receive an email or link you think is false on Facebook you can report it by emailing: phish@fb.com. Twitter also lists common scams on the feeds @safety and @spam.

Risky links

If something seems too good to be true then it probably is.

Links offering a chance to win tickets to a sold-out gig, for example, are almost always going to be spam which will either direct you to a copycat website or start downloading malware to your phone or PC.

Only ever accept invites from people you know or follow links from a trusted source. If the company looks dodgy you can always Google it and look for an address and phone number to find out if it exists.

Protect your passwords

This rule is not specific to social media and should be followed for all your accounts.

Don’t use the same password for every account you have and make sure they’re complicated enough so someone else won’t guess them - but also not too complicated that you forget.

Fraudsters often target victims with surveys and use the answers to guess the passwords to their email or bank accounts. Therefore avoid using familiar words which can identify you.

Sharing information

Putting any kind of personal information on a social media site means everyone following you can find out about it. This is fine if it’s just your closest friends, but when it’s people you’ve never met before it can lead to problems.

Make sure you regularly check your personal settings, especially on Facebook, so that your information and photos are not being viewed be scam artists.

This is harder to do on sites such as Twitter so be careful not to post anything which will lead to your identity being stolen. Adding a location onto tweets, for example, will show people when you’re away from your house.

[The scam that could empty your bank account]