With the increase in usage of social media, it is perhaps inevitable that it would become a target vehicle for cybercriminals to carry out their activities. According to the 2014 Mobile Behaviour Report by Salesforce, 75% of consumers access social media at least once a day through their smartphones, with 64% of users doing the same through their tablets. The number of social media users in the Asia-Pacific Region is expected to hit 1 billion by year-end, outstripping North America by nearly five times in usage.
Cybercriminals are increasingly capitalising on social media's wide appeal to carry out illegal scams, such as to spread malware on personal computers (PCs) and smartphones and steal personal information, according to Trend Micro Incorporated. The security software firm warned that these scams usually offer various content and social media personalisation options which would appeal to users who are looking to stand out in their social media presence, or to garner more likes and followers. According to Terrence Tang, senior director of consumer business for Trend Micro in Asia Pacific, these scammers lure users to install third-party apps through social media posts or trick users to click on phishing sites that cause malware infection.
"Users are advised to be ever vigilant when they surf online. Always check the source of posted links and apps, and change social media passwords regularly."
The firm has identified some of the more popular scams in a list below.
1. The Facebook Color Change app
The app offers the user an option to personalise their Facebook color. It will then lead users to phishing sites and mislead them into sharing the app and tutorial video with their friends. This app steals users’ profiles and spams users’ friends as well as infects mobile devices with malware.
2. Who Viewed Your Facebook Profile app
Using messages from friends or ads posted on their social media walls, the app invites users to check who viewed their Facebook profiles. User profiles and their social network will be exposed to the scammer once they click on the app.
3. Facebook videos with enticing titles
Phrases such as "Not Safe for Work" or "Outrageous" lead users to click on videos that redirect them to phishing sites which would cause them to lose personal information. Malware may also be passed onto users' devices, such as Rootkits which can be difficult to clean.
4. Facebook Fake Naked videos
Naked videos which appear in the form of ads or posts with links to sites which host bogus YouTube videos. Upon clicking, a user will find a request to repair their "broken" Adobe Flash Player by reinstalling it, in reality installing a Trojan in disguise.
5. Instagram InstLike app
An app which is used to boost Instagram likes and followers, it takes advantage of passwords and other information to spread itself even further.
6. Twitter Instant Followers
Similar to the InstLike app, this app promises Twitter followers for the user, who fall victim to spamming and further attacks.
7. Twitter Bait Scam
Messages like "just saw this photo of you" misleads users into clicking the links embedded in the messages, compromising the user's Twitter account and exposing their friends to similar attacks.
8. Tumblr Dating Game
Upon clicking, a user will create a dating account, which leads them to further ads or adult pages which generate additional revenue for the scammer.
9. Pinterest Bogus Pins
Bogus pins which offer free giveaways lure users into completing false surveys or phishing sites. Followers of the user will also be vulnerable to similar attacks.