Scammers are always trying different ways to trick an unsuspecting person into running and installing malicious software on their computer so they can steal information, install ransomware or worse. We have seen this through email, fake websites and fake phone calls. In some of the latest attempts that are steadily increasing, scammers are leveraging social media.
Recent scams have been targeting professionals on networking platform LinkedIn. The targets were selected based on their job title and company — specifically, people in digital media and digital marketing roles, as these people might have access to the company’s social media accounts. The scammers tricked the user into downloading something that looked like a pdf file, but it was really malware that would grant the attacker admin access to the social media account that they would then use to steal information and payment details and scam the company’s followers.
Marketing professionals aren’t the only ones being targeted. Attacks against executives and IT administrators are also common.
Even though you are on social media and not using email, the same rules to protect yourself should apply:
Be wary of messages and notifications from people you do not know.
Be suspicious of all requests asking for personal or financial information, even if the request is from someone you know. Creating fake accounts using other people’s names and real pictures is easy for an attacker to do.
Don’t download or click on unexpected links or attachments.
Additionally, be careful about what information you share on social media. While those fun quizzes might seem harmless, some of the answers you share, such as the name of your first pet or where you went to high school, are often the answer to the security questions that protect your online logins.