Social networks like Facebook, Twitter, Pinterest and LinkedIn, offer the opportunity to keep in touch with friends, meet new people, gather ideas and inspirations or make important connections. However, according to security company ESET, platforms can also be used for identity theft. For example: a cybercriminal can send you a friend request using a profile fake. By accepting it without any suspicion you end up giving access to a series of information and photos that can be configured only for friends – which facilitates the theft of personal information to «clone your profile».
What to do if someone posts pictures of you without authorization on Facebook
Dating sites can also be used to scam and even steal money. ESET has compiled tactics used by criminals to gain access to victims’ information. The security company recommends that people use common sense to detect suspicious profiles. Know the strategies used for identity theft and see what type of profile should be avoided.
ESET security company indicates contacts that should be avoided on social networks – Photo: Disclosure / ESET
1. Repeated friends on Facebook
Receiving a new friend request on Facebook from someone who was already your friend may mean that the person broke the friendship and then decided to resume contact. However, it can also indicate that someone with malicious intent is using a «cloned account» of your contact.
The process of cloned accounts involves making friends with a person, copying their profile and then blocking them, sending friend invitations to all their contacts. In this way, criminals gain access to a vast amount of information from people who usually leave their data restricted to friends only – trusting that the profile that added it is someone close.
The security company, maker of the famous NOD32 antivirus, also points out that even users who are more careful with their privacy settings can be the target of scams – since hackers can resort to sending malicious links (with phishing scams) by message.
2. Pinterest followers: rewards for rewards
Fake followers on the social network can be identified by looking at shortened pins through sites like Bit.ly. Few pins – one or two, for example – is another indication that the profile may not be true. ESET warns that, in fact, these short links are made to take the Internet user to questionnaires built to collect information or are accounts that supposedly give prizes in exchange for a «repin». In case of doubt, it is recommended not to click on the link.
3. Twitter bots that react to profanity
Some Twitter spambots are designed to detect when a user tweets an offensive word. Then they start following this person and retweeting the content, attracting them to follow them back – echoing the complaint and generating some engagement. With this, you have access to sending DMs (direct messages) closed to friends and start sending messages with spam.
4. False recruiters on LinkedIn
Taking into account the nature of LinkedIn, a profile on the platform contains various information that is relevant to criminals who steal identities, such as professional email, address and phone numbers of those registered on the job site.
For this reason, accepting any connection on LinkedIn is not a good idea. You also need to be aware of job offers that seem too good to be real. False recruiters can use this tactic to collect personal data or redirect victims to fake pages with the intention of stealing passwords or deploying malware.
5. Matches that give gifts
One of the tactics used on social networking sites is to use fake profiles, created by social engineering, to trick users. The scam usually involves sending virtual gifts to win the victim’s trust, which is done for months, calmly. Then they tell false stories and ask for favors that usually involve a large amount of money and, when they receive the requested amount, disappear. The recommendation for users of these services is to be wary when the suitor seems too good to be true.
What is your favorite social network? Exchange tips in the dnetc Forum.