The immensely popular social networking site Facebook has a user base of over 1.19 billion, which also makes it a popular medium for scammers. It is important to be able to identify a threat before it hits you because the consequences that follow one “quick click” may leave your bank account empty and your identity stolen.

53% of scams target social media users

Bitdefender conducted a survey on Facebook and Twitter by befriending 1,900 people. They then sent the users three links leading to malware. Based on the results, they discovered:

“97 percent of respondents on Facebook and Twitter blindly click on links without checking for malware.”

It’s therefore not surprising that scam makers are successful in tricking Facebook users. In fact, during a two year Bitdefender study involving 850,000 different Facebook scams, it was discovered what the top five most prevalent scams are and the collective percentage of users that fall for each. Here are the top 5 scams you need to keep an eye out for:

#5) Atrocity videos: animal cruelty, suffering people and other dark videos (0.93%)

Atrocity video scams prey on a users darker side. Cybercriminals use horrendous images involving maimed animals, murder, suffering children, and tortured women to draw a user in. Although still relatively small compared to other scams (less than 1%), this type of scam is growing at a steady rate, with thousands of victims with every new campaign. According to the report:

“Children and teenagers are the most exposed to atrocity video scams, and we expect their number to intensify in the future.”

Cybercriminals use atrocity videos as a way to serve users with links to fraudulent web sites that prompt you to complete surveys and offers before watching the video. Cybercriminals hope to earn a commission for every survey completed. Malware is also distributed in this way.

In order to combat this type of scam, you must avoid falling victim to your own curiosity and fight the urge to click “play”. Stay vigil and use common sense. Check the domain name of any seemingly suspicious links to videos and images provided before clicking on it. Cyber criminals have no shame and even use tragic events as airline disasters to lure people into clicking. Steer clear from viewing atrocious content on Facebook and get your news from major news websites instead.

#4) Celebrity scams: celebrity scandals and death hoaxes (7.5%)

The fourth most popular type of Facebook scam preys on a users desire to keep up with the latest news and gossip on favorite celebrities such as Rihanna or Justin Bieber. The videos are often shocking news, such as the death of a celebrity or adult content. The primary goal of this scam is to trick you into clicking a link that will then ask you to update your video player or redirect you to an external source prompting you to download something to watch the video.

This scam appeals to a users sense of curiosity and amplifies it by using enticing trigger words and popular celebrities. While some videos lead to Potentially Unwanted Programs (PUPs) such as adware, others are more serious and lead to data stealing malware that can turn your computer into a zombie as part of a botnet.

In order to combat this scam, users must use caution and common sense. In order to stay up to date on your favorite celebrities, use a legitimate and verified news and video source. Think before you act, remember if something seems so shocking that it is unreal, it probably is. Avoid watching adult content based videos on social media sites.

#3) Freebies and giveaways: Free -enter any company name- gift card!  (16.5%)

Giveaway scams are the third most popular Facebook scam that preys on the human instinct of greed. A few examples of this scam are – winning free trips to Disneyland, receiving free gift cards, vouchers and free electronic items such as an iPad. A well known saying is “nothing in life is free”, especially if something sounds too good to be true. If somebody on Facebook tells a company is giving away vouchers or gift cards if only you invite your friends to the offer or click on a link—don’t believe it. If you do, you’ll end up spamming all your contacts with bogus messages about the fake offer.

If a user falls for a “free giveaway” or “freebie” scam, they are at risk of downloading a potential malware infection. Before qualifying for a free promotion, you must complete several “special” or “reward” bonus offers. The bonus offers are provided at the users expense costing real money. Cybercriminals receive a commission off each survey and receive a treasure chest full of confidential information such as your username, E-Mail, and phone number.

In order to combat, users must keep a mindset that almost all of the free offers encountered online are bogus. Always think before you click and if an offer does seem suspicious, contact the company to verify the promotion’s authenticity or check the company’s Facebook page. Never enter your most sensitive credentials on any free surveys and promotional offers that seem too good to be true.

#2) Facebook functionality enhancements (29.5%)

The second most popular Facebook scam is one that supposedly extends Facebook functionality. Users are seemingly presented with options to add a dislike button or embellish their profile with different colors or features, such as this one. This scam centers around a users desire to improve their overall social networking experience. Once a user decides to take advantage of the supposed enhanced Facebook features, cybercriminals can access and steal a user’s most sensitive data and spread malware by use of fake online survey pages. Never enter your data in seemingly suspicious forms or surveys on social media sites.

In order to combat this scam, Facebook users need to help raise user awareness. Also, never click on links leading to pages that offer the ability to change your background and profile color as Facebook does not offer such an option.

#1) Who viewed my profile? (45.5%)

By far the most popular, widespread Facebook scam that users will encounter (almost 46%) preys on the the aspect of human curiosity. User’s want to see exactly who, what, and how many views their page is getting. The “profile viewer” message is customized to each person, touching users on a personal level. A lot of users want to see if they are still searched for by a person for whom they may still have feelings for, such as an ex.

The scam involves installing a malicious Facebook application that seemingly provides this very functionality. After initially accepting the terms of use for the who viewed my profile application, users may begin to notice strange occurrences such as postings on their Facebook timeline and unauthorized access to pictures and personal information. Unknowingly to the user, their sensitive information and pictures are being used in phishing, fraud, and targeted spam or malware attacks.

In order to combat this type of attack, users must be made aware that finding a legitimate application which reveals high profile details such as how many views or how many viewers you have is highly unlikely. Don’t click on suspicious links to pages that you don’t know where they are taking you and don’t add applications to your Facebook that have not been checked and confirmed to be safe by Facebook’s developers.

General human dispositions cause users to fall for these tricks

The report delves into psychological explanations as to why users fall for the traps. The conclusion:

“The biggest vulnerabilities appear because of general human dispositions that may hit any user at one point in his life,” Bitdefender Behavior Analyst Nansi Lungu said. “It’s hard for us to acknowledge our irrational behaviors, or that we’re blindly indulging in impulses we typically attribute to the less educated.”

1. Vulnerabilities appear because of general human dispositions – The way people act, think, and react give rise to threats and vulnerabilities.
2. Scams may hit any user at one point in his life – No matter how tech savvy or educated a user may be, no one is immune to falling victim to a scam at least once in a lifetime because cybercriminals always use the right psychological triggers.
3. We all behave irrationally sometimes, online and offline – Everyone at some point will say or do something crazy or careless without first thinking about the consequences that follow.
4. Scam victims are often less informed – Most scam victims are not aware of what something is or how it happens until its too late.

People are seemingly their own worst enemies. We don’t think before we act, and react before we think. This irrationality leads to cyber criminals having a motive to steal sensitive data and distribute malware as a means to make money. Cybercriminals take advantage of the fact that many users are not aware of online dangers and therefore aim to target this vulnerability. User awareness and caution is the key.

Tips to stay safe on Facebook

•  Stay informed and up to date on the latest malware outbreaks and security news via blogs and newsletters. It is important to stay up to date on the latest security news when fighting online threats. Read security blogs from Emsisoft and Sophos. Also, subscribe to receive security newsletters from security news sources. There are also good sites and Facebook pages to inform users about Facebook scams, such as this one.

• Use a reputable, up-to-date antivirus application to block malicious sites and malware infections. Antivirus applications are always essential tools used to detect, block, and prevent malware infections. It is critical to keep your antivirus enabled and up-to- date with the latest virus definitions to ensure maximum protection.

• Keep your operating system and applications up to date to minimize potential vulnerabilities. Always perform Windows updates and keep your software applications up to date. Cybercriminals on social networks will exploit vulnerable operating systems and software as a means to spread malware.

• Use caution and think twice before using the “quick click” method. Do not carelessly act and react without thinking. Use common sense and caution in order to avoid installing a potentially malicious application or visiting a suspicious web page. A lot of scams spread through Facebook friend recommendations, so don’t simply click on something a friends shared with you.

• Beware of the personal information you share on social media sites. The top five essential ” TMI” Facebook items to keep private and never share are your social security number, birth date, home address, home phone number, passwords and bank and credit card information.

• Customize various privacy options. Facebook gives a user control over their own privacy settings. Do not assume that you have to use the default settings. Check out the other configuration and learn how to adjust your security settings. Make yourself aware of how to limit what others can see and how to block unwanted guests from viewing your profile.

•  Avoid social media sites altogether to combat malware and scams. The last ditch effort to stop scams on Facebook is to avoid the social media site altogether. This may not be an option best suited for everyone. If you are consistently being infected or scammed on Facebook, it may be a good time to consider backing out of the social media game while you still have your identity and money.

• Use secure web browsers and security based add-ons to combat malicious web pages. Use a reputable, up-to-date web browser such as Google Chrome as a first line of defense. Chrome has the ability to block phishing and malware sites. Chrome allows for the use of a massive variety of different add-ons. Use ones such as Adblock Plus to block malicious ads and pop-ups and WOT to also help block phishing and malware sites which should further improve your overall security online.

• Use strong passwords. Probably the most critical part of staying safe on social media sites everywhere is to use strong passwords. Never give out your username or password to anyone. Cybercriminals are getting smarter and therefore cracking a weak password is a relatively easy task for them to accomplish. Learn how to make strong passwords here.

Have a great (scam-free) day!

http://blog.emsisoft.com/2015/04/16/how-to-stay-safe-on-facebook-and-avoid-the-top-5-scams/