How many times has this happened to you? You are on your favorite social networking site and one of your friends sends you a message or posts, “check out this cool video!” So you click the video and are told that you need to upgrade your software to watch it.
Maybe you do.
And maybe you just got hacked. Maybe your Twitter account will suddenly start sending out inappropriate messages to all of your followers, or asking them for money, or worse.
By now, we all know not to open suspicious emails, attachments from people we don’t know, and all the rest. But the thing is, the bad guys know you know it. That’s why their schemes have become much more savvy, social, and dangerous.
The bad news is that it is very easy to fall victim to social media fraud, but the good news is that you can prevent it. And prevent it you better. If you fail to protect your online social media brand from hackers, you run the very real risk that your beloved brand, that entity you have worked so hard to create, may be compromised for good.
Think it can’t happen to you? Think again.
Just today I spoke with a gentleman who owns a very successful dotcom business. And even though he previously had worked for a company that dealt with online security, his new company’s Twitter account was recently hacked, and for a week his customers thought his company was sending out Viagra tweets.
Once upon a time, people who were victims of cyber scams suffered, but at least it was in private. One of the worst parts of being the victim of a social media cyber scam is that it is very, very public. It can damage you personally and professionally.
I have been doing some work recently with Symantec, a company that offers computer protection software and services, and have learned, not only how real the fraud threat is to small businesses who engage in social networking, but just how pervasive it is. So I asked Kevin Haley, the director of security response for Symantec, how social media fraud typically occurs. He explained that these attacks can arise in any number of ways:
· You may get a “friend request” on Facebook, and when you click on it, you are sent to an identical faux-Facebook page where you have to login. You do. Keystroke logging software controlled by the crooks then record you login info, and presto! You are no longer in control of your account.
· Or say a friend’s account has already been compromised and “he or she” sends you a message with a link to click. Because you trust your friend, you click the infected link, and, as Mr. Haley said, “Bam! You’re owned.”
· The malicious Facebook or Twitter messages might relate to, say, the death of Michael Jackson and offer “secret information” by following a link. The link then may prompt you to download an update of Adobe Flash. It’s not Adobe you end up with.
One of the real dangers inherent in social media scams is that because it is social, you tend to trust the messages you get. You may never know that your “friend” is not really your friend, or that the guy from “The class of 2000 alumni group” never went to your school.
A far more serious version occurs when criminals send bookkeepers or financial officers an online message that contains links to infected sites. If they click through to the site and click the bad link, keystroke logging software can end up on their computer. The bad guys then use this to record login info for, say, your company’s online bank.
They then logon to your bank.
The FBI says that this scam has illegally transferred more than $100 million out of small business bank accounts and into the accounts of the cyber-criminals.
Here’s is what the experts suggest you do to avoid being a victim of the new social media fraud outbreak:
1. Buy, install, use, and train your employees on some top-notch small business security software. Install an integrated security solution on all desktops, laptops, netbooks, etc. Make sure the suite prevents virus, blocks intruders, protects privacy, and stops malicious programs.
2. Educate employees not to use file sharing programs or to download free programs from the Internet.
3. Monitor your social media accounts for suspicious activity.
4. Password protect your wireless network.
5. Change your passwords often.