Social media – the new playground for fraudsters

Social media – the new playground for fraudsters

Earlier this year Javelin Strategy & Research issued new figures on identity fraud, and unsurprisingly the focus of the research was social media. Social, dating and business networking websites such as Facebook, MySpace, Bebo, and LinkedIn, have rewritten the digital landscape as users create their own profile and share conversations, photos, videos, links and personal information with friends and other online users. Unfortunately this opens the door to fraudsters who use these trusted services to target victims with their scams. Many will be familiar to computer owners: malware; spam; and page hacks; but less so in their new social media guises…

Malware remains by far the most common social networking fraud because members will install user-created applications on their profile pages. These might be used for animation, calendars, photo-feeds or simple games, unfortunately they can often hide spyware, trojans and viruses that members then unknowingly either download to their own computers or post on their profile page. Social networking sites are particularly vulnerable because, by their very essence, they are communities built on trust. Users don’t expect to be scammed by other users and that makes them easy targets for fraudsters.

Spamming is another familiar issue, such as the Nigerian 419 advance fee scam, only these are now often able to bypass spam filters by coming through the social network. A great deal of social media spam will originate from the victim, usually because they have installed a malware widget program. Often purported to advance the design of a user’s page, such malware will actually be designed to spam all the user’s contacts.

But fraudsters do not only want to use your profile to spam others. They want to spam you. This is achieved with carefully targeted emails using the social media search tools to identify a members’ area of interest. In the worst case these details can be collated into master spam lists of people with specific interests that are sold on to other spammers.

In part 2 we will look at the growing threat from social media identity theft…