The Marketing Advantage

Connecting You with Your Customers

Social Media’s Dark Side: Phishing and Scams

Posted by advantagemarketing on June 2, 2011


Aujas, an Advantage Marketing client, is an information risk management firm knowledgeable about all things cyber-security related. I recently asked Karl Kispert, Aujas VP for Business Development, how social media users can protect themselves from scammers, especially on Facebook and LinkedIn. Here’s what Karl and his expert team had to say.

social media and phishing

Scammers and hackers are targeting social media. Your company and its employees have to do their part to fight them.

The buzz about social media has been increasing recently. There are more than 500 million active users on Facebook, with 50% of  them logging on at least once a day from their office, home, coffee-shop, school, or from smart phones. Social media has emerged as an effective marketing tool to engage with a mass audience and many companies have an active presence across LinkedIn, Facebook or Twitter. As Natalie Petouhoff, Senior
Researcher with Forrester Research, Inc., said, “Social media isn’t a choice anymore – it is a business transformation tool.”

But as fun and engaging as social media is, it has a dark side. Hackers and scammers are exploiting it to create new ways to infect computers and networks and to trick unsuspecting users into revealing their personal or financial information.

How do scammers pull this off? They go phishing. A scammer will hack into a Facebook or LinkedIn user’s account and send out messages to friends or connections, unbeknownst to the user. These messages look genuine but are carefully crafted by scammers to trick recipients and exploit their emotions.

Messages with links to breaking news, celebrity stories, or even adorable puppy videos can all be engineered to make the user click through. Clicking on a link about Kansas tornado victims, for example, would take the user to a site that asks for credit card information for a donation. This information is then collected and exploited by the scammer.

A user may also see messages like these on their LinkedIn home page or Facebook wall:

Tornado victims need your help, please donate http://ntbnking.lnkd.it/jpn/donation

I bumped into some of your old friends the other day; they wanted me to send you this – http://facebooklink

By clicking on the links, malware or a virus gets downloaded and the user’s system is compromised.

Yikes. If we can’t trust messages from our friends and connections or even what’s written on our own wall or home page, are we crazy to use social media? Fortunately, education and awareness can help fight phishing attacks and scams and keep us all using social media safely.

Here’s what companies can do to fight phishing attacks:

  1. Establish a social media strategy. Clearly document and enforce what is allowed and not allowed to be discussed and
    disclosed on social networking sites.
  2. Conduct social media awareness programs which should include the rewards and risks of social media. Such training should
    also cover how to identify malicious websites and differentiate between original and fraudulent websites.

Here’s what employees can do to avoid becoming the prey of phishing attacks:

  1. Never click on a link or a bookmark which is associated with financial transactions or asks for any sensitive information; instead always manually type the URL in the address bar.
  2. Don’t click on links which ask to download ActiveX or software on your system. These could be Trojan/malware which later becomes the control center to remotely control your system and others in the network.
  3. Ensure that the site is authentic and using secure layer (https) before providing any sensitive information about yourself or your organization.
  4. Report suspected links to your internal security team and the social networking site so that they can work with the hosting provider to bring down the phish website.

Social networking phishing attacks are on the rise, according to the latest Anti-Phishing Q2 2010 Report. Both companies and employees have to play their part to counter the phishing risks of social media.

Karl Kispert is Vice President of Sales and Business Development for Aujas for North America. He can be reached at 201 633 4745 or karl.kispert@aujas.com. Learn more about phishing and cyber-security at www.aujasus.com.

One Response to “Social Media’s Dark Side: Phishing and Scams”

  1. […] https://advantage-marketingblog.com/2011/06/02/social-media-and-phishing/ […]

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

 
%d bloggers like this: