Have you or some of your friends experienced account theft or “hacking” from social media accounts? Kaspersky shares some expert advice to protect yourself from cybercrime
I guess a lot of us have encountered shout outs from our friends or relatives saying their account have been hacked and that they only have 1 account. I do recall wondering why some of my existing Facebook friends would suddenly send me another friend request when we already are connected. I still receive this once in a while and due to the increasing cybercrime nowadays, to double check that I’m really connecting with the right person, I send a message to the original friend account asking if it’s him or her asking for the 2nd connection. Well, it wouldn’t hurt to ask.
Statistics released in May of last year show that the amount of Facebook users in Malaysia amount to 13.3 million, equivalent to 45.5 per cent of the Malaysian population at that time, which ranked Malaysia as 8th in Asia and 21st in the world. Facebook users now transcend age and it is important that we are all made aware of the dangers of not being alert when using Facebook.
Facebook remains the preferred target for cybercriminals who specialize in stealing social network accounts: according to Kaspersky Lab’s statistics, in Q1 2014 fake sites imitating Facebook accounted for 10.85% of all instances when the heuristic anti-phishing component was triggered. Only fake Yahoo pages sparked more phishing alerts, leaving Facebook the prime target among social networking sites.
Today’s Facebook fakery is a global business, with cybercriminals attacking the site in a variety of languages: English, French, German, Portuguese, Italian, Turkish, Arabic and others.
Unauthorized access to accounts in Facebook or any other social network can be used to spread phishing links or malware. Cybercriminals also use stolen accounts to send spam to the victims’ contact lists and publish spam on their friends’ walls where it can be seen by other users, or to spread messages asking their friends to send urgent financial assistance. Hijacked accounts can also be used to collect information on individuals for use in future targeted attacks.
Smartphone or tablet owners who visit social networks from their mobile devices are also at risk of having their personal data stolen. To make matters worse, some mobile browsers hide the address bar while opening the page, which makes it much more difficult for users to spot fake resources.
“Cybercriminals have developed a number of ways to entice their victims to pages with phishing content. They send links to phishing web pages via email or within social networks or in banners placed on third-party resources. Fraudsters often lure their victims by promising them ‘interesting content’. When users follow the link provided, they land on a fake login page that contains a standard message asking them to log in before viewing the page. If users don’t become suspicious and enter their credentials, their data will immediately be dispatched to cybercriminals,” said Nadezhda Demidova, Web Content Analyst, Kaspersky Lab.
4 Expert advice to prevent account theft
- If you receive an email notification from Facebook or a message that your account may be blocked, never enter your credentials in a form attached to that message. Facebook never asks users to enter their password in an email or to send a password via email.
- Place the cursor on the link and check if it leads to the official Facebook page. Moreover, you should manually type the Facebook URL into the address bar – cybercriminals are capable of concealing the addresses to which they are leading you.
- When you have manually entered the URL in the address bar, check it again after the page has loaded to make sure it has not been spoofed.
- Remember that Facebook uses the HTTPS protocol to transmit data (check your URL bar, it should say https://to know that you’re in a secured site). The absence of a secure connection probably means that you are visiting a fraudulent site even if the URL address seems to be correct.
More information can be found at securelist.com.
About Kaspersky Lab
Kaspersky Lab is the world’s largest privately held vendor of endpoint protection solutions. The company is ranked among the world’s top four vendors of security solutions for endpoint users*. Throughout its more than 16-year history Kaspersky Lab has remained an innovator in IT security and provides effective digital security solutions for large enterprises, SMBs and consumers. Kaspersky Lab, with its holding company registered in the United Kingdom, currently operates in almost 200 countries and territories across the globe, providing protection for over 300 million users worldwide. Learn more at www.kaspersky.com.
* The company was rated fourth in the IDC rating Worldwide Endpoint Security Revenue by Vendor, 2012. The rating was published in the IDC report “Worldwide Endpoint Security 2013–2017 Forecast and 2012 Vendor Shares (IDC #242618, August 2013). The report ranked software vendors according to earnings from sales of endpoint security solutions in 2012.