Internet privacy is fast becoming the world’s most prominent oxymoron of late, judging by recent research into the dark side of social media. Yes, hackers have been trying to rig elections across the globe, if recent news stories are to be believed, but this spotlight on the huge data analytics of today’s social media databases has revealed more than its creators ever envisioned. By current estimates, there are over three billion account profiles on social media purveyors, but the vast majority of them appear to be fakes for a variety of reasons, but fake just the same.
With such high-level scrutiny, the owners of these sites have been quick to jump on the public relations bandwagon in a vane attempt to display their desire for public good. Here is one recent quote: “It might sound positive that over six months in late 2017 and early 2018, Facebook detected and suspended some 1.3 billion fake accounts. But an estimated 3 to 4 percent of accounts that remain, or approximately 66 million to 88 million profiles, are also fake but haven’t yet been detected. Likewise, estimates are that 9 to 15 percent of Twitter’s 336 million accounts are fake.”
The percentages revealed above seem a bit off, but you must remember that each social media site touts its number of accounts for competitive reasons. Researchers, however, are not constrained by such business motives. They can independently review a survey grouping and then extrapolate using statistical protocols to arrive at their more-heftier conclusions for fake profiles. Why are there so many fakes, you might ask? We will discuss that in a moment. Not all are for direct fraudulent purposes, but a major new fad has hit upon celebrities that wish to boost their “Likes” and droves of followers. For a few bucks spent in the right places, you can suddenly have adoring fans in the millions, if only by numerical count. Where there is demand, enterprising entrepreneurs will supply.
The real takeaway from these studies is not necessarily the proportion of fake accounts, profiles, and identities to the legitimate ones, but it is really that social media is riddled with traps for unsuspecting consumers, tempting you into unfamiliar territory where you have no natural defenses or law enforcement officials to protect you. In other words, you are alone and on your own, having to deal with a horde of malicious types that are already several steps ahead of you and anticipating your every move. They are trained in the psychology of fraud, an aggressive form of marketing designed to fleece you of your handy cash, your life savings, and your humility. Don’t become a victim!
What have recent research studies gleaned about social media scams?
Social media fraud has become a burgeoning topic, worthy of your attention and security professionals across the globe. You need only Google “Social Media Scam”, and within 0.31 seconds, 35.2 million hits are reported. If you switch to the “News” headline for current data, you will traverse a multitude of pages before you ever find anything from more than a week back. The articles are appearing from every nook and cranny of the planet, as if this phenomenon were the driving force behind all criminal activity today.
One key fact from these studies is that the age demographics of victims are shifting. We tend to believe that the elderly and infirm are too slow or witless to ferret out a scam in progress, but new research reveals the amazing statistic presented in the above diagram. Millennials, comprised today of the age grouping between 22 and 37, is twice as susceptible to the conman’s hoodwinking scheme than are those over the age of 60. The apparent switch or rise, if you will, is due to the presence of social media. Today’s key age grouping is obsessed with being connected, almost “24X7”.
According to the survey preparers, there was one other interesting fact regarding this revelation: “While older people were more likely to become victims of phone scams, younger people were “more likely to fall for” online scams on social media or the Internet. One young victim noted that, “I like to think I am fairly well-educated, and I was completely blindsided.” One interesting thing to note: When the older people did lose money, they lost more — a median $621 for those in their 70s, as opposed to a median $400 for those in their 20s.”
These amounts refer back to studies performed in the United States. In our previous article on the psychology of fraud, we referenced a UK study: “A few years back the Office of Fair Trading in the UK, in conjunction with the University of Exeter, carried out extensive research and psychological interviews with over 10,000 people that had been previously victimized on average out of £1,000. One of the basic notions that they discovered was that our natural intelligence can work against us. We assume that we understand a specific subject matter, exactly what the crook needs in order to implement his plan.” The amounts are higher, perhaps, since the study was more broadly based.
Social media has also become a very important tool for businesses to keep in touch with their customers, obtain feedback for enhancement cycles, and gauge enthusiasm over potential new product offerings. Businesses then become unwitting enablers for high-tech crooks that can then engage the firm’s followers, exploit an already assembled audience, and then select targets for eventual monetization. This approach has been termed “Spray-and-Pray” in the security industry, but it is only the initial ploy that can then enable another technique called “Expand-and-Land”, in which “attackers target specific organizations or users — similar to spear phishing — and then use these victims to find others of similar interest.” The diagram below explains how this works:
How successful have these schemes been? Once again according to researchers: “Financial scams have doubled in the past year on social media. Around 250,000 finance and banking scams were lurking on social media platforms including Twitter and Facebook in 2016, but now, this estimate has almost doubled having reached a total of 437,165 fraudulent campaigns. Based on reported incidents and losses, the average victim ends up losing $414 per scam.” If 2017 was bad, what might 2018 data be?
The present contagion is not new news regarding the potential for social networking to be a haven for the criminal element of our society. As far back as 2010, security professionals were warning that, “The trust-based characteristics of social networking platforms are being abused and manipulated by cyber-criminals. These characteristics create an environment where users take actions without knowledge of the consequences. This environment is then magnified by the global acceptance of social networking.” Sounds like these fellows knew what was coming down the line.
Studies also show that there are two characteristics of social networking that are prized by today’s modern cyber-thieves. First is reach. The shear the size of social networks gives cyber-crooks an instant global platform of potential marks. Facebook boasts that nearly 200 million users login each and every day. Second, “the trust mechanisms of social networks help cyber-criminals fool their victims. Spam messages sent by impersonating a trusted friend in a user’s social network are better received than those sent through e-mail.” Always be wary of any unsolicited approach, no matter the source.
What are the “Top 5” social media scams plaguing the industry today?
For those individuals that must deal with social media fraud on a daily basis, the days are getting longer. The basic problem is that there are so many moving pieces in the social networking infrastructure, each with its own differing objectives. Any type of prevention program would require a concerted effort by all parties where each might have to compromise something they dearly love about the system. Many professionals concede that this “perfect” solution will never happen. Consumers must become aware and go from there.
From that perspective, Norton and the Symantic folks summarized the “Top 5” social media scams, in no particular order, as follows:
- Chain Letter: Believe it or not, chain letters are alive and well on the Internet, the favorite being that Bill Gates will donate $5 to charity, if you join the chain. It is a ruse to be avoided, unless you want to be on a crook’s list;
- Cash Grabs: Beware of the new friend that asks for money for some sudden emergency. The more favored tactic is to send an email to your contacts asking them to help you by sending money per your instructions;
- Hidden Charges: Have you clicked a link to play a cute quiz or find out something special about yourself? These links will ask for your cell phone number and other information. Suddenly you will be inundated with monthly service charges for services you never heard of – Ouch!
- Phishing Requests: This ruse starts with an email that claims to have secret information about you. You hit the link, which takes you to your Facebook login page – Do not login! It is a fake “clone”, designed to obtain your login credentials and cause havoc with your contacts;
- Hidden URLs: Shortened URL links proliferate social media, especially Twitter. If you blindly click on one of these bad ones, you will have no idea where you are going, but the crook takes you to his server, which installs all sorts of malware on your computer.
Would you feel better informed if a famous conman gave you the inside scoop?
Do you remember the movie entitled, “Catch Me if You Can”? Leonardo DiCaprio played the part of Frank Abagnale, who ran away from home at 15, quickly learned to forge checks, but then graduated to impersonating an airline pilot, a doctor, and a high-powered lawyer. He was extradited from a French prison to face charges in the U.S., but the FBI arranged a reduced sentence in return for his helpful service. He is now a renowned fraud expert and recently spoke to a packed house at a convention.
His insider warning: “We expect by 2020 more than six trillion dollars will leave the world economy to cyber-related crime. One constant threat is the Internet and social media. Everything a con artist needs to steal your identity is online. Your settings should be set to “Private”, and never post a passport-like picture on your page – Automated face recognition software can easily steal your profile and mug shot.”
Social media is the rage these days, especially with Millennials, but it is also a fraudster’s paradise. To be forewarned is to be forearmed!