Facebook Home To Christmas Scammers Offering PlayStation 4 Consoles, Kaspersky Lab Warns

17 Dec 2013
Virus News

It’s now the norm for people to send Christmas greetings over Facebook and Twitter. As we get ready for the latest round of Christmas-themed status updates, we should also prepare for a barrage of scams on social networks in the coming weeks too, Kaspersky Lab experts have warned.

In the lead up to the festive period, Kaspersky Lab has seen scammers trying to interest Facebook users with pages about PlayStation 4 offers, and deals on new Apple iPhones and iPads. There were even pages about an iPhone 8, which doesn’t actually exist. Although these posts rarely look even slightly official or legitimate, many are falling for them and lending credence to the scam campaigns. One Christmas competition supposedly offering PlayStation 4 consoles had received over 776 entries.

Here are some examples of Facebook scams to avoid this Christmas:

Whilst PC users have long been in great danger of infection, mobile users, who will be messaging like mad over the Christmas period, are increasingly being targeted. Given the number of shiny new phones and tablets on offer this season, from the iPad Air to the updated Google Nexus lineup, cyber criminals will be chomping at the bit to exploit the new batch of mobile users connecting on Facebook and Twitter.

To keep your social profile and your personal data safe over the Christmas period, here are some tips:

  1. Don’t give away too much. It’s nice to share at Christmas, but don’t share too much personal information. If you do lose control of your social media account to a malicious hacker, it could mean more than just having your privacy infringed upon or messages being posted on your behalf. Hackers can use your information to potentially breach other accounts, such as online banking services. So don’t give away too much factual information about yourself, such as your address, and certainly don’t share banking details in messages, as they might not stay private forever.
  2. Don’t click on untrusted links. Scammers use numerous techniques to get people to give away their Facebook logins. Clicking on an email link entitled "Facebook Christmas Specials", for example, could lead to a fake Facebook portal which invites users to enter their login details. As the interface appears identical to the real social media platform, users don’t realize what’s happening until it’s too late. Once the victims have entered their details, the hacker has their passwords. As most people tend to use the same password for services such as eBay, Amazon and webmail, this can trigger a dangerous chain reaction. You should, therefore, never click links that don’t come from trusted parties. Even if a link has been posted from a friend, still be wary - they may have been hacked.
  3. Use two-factor authentication. Facebook and Twitter are becoming increasingly security-conscious. Both have introduced two-factor authentication, which means the user can give another credential, such as a unique number sent to them via text or an application, when logging in. So even if a hacker does get hold of your username and password, they won’t be able to login as they won’t have that extra credential.
  4. Get the right security. Various kinds of malware sniff around your system for social media passwords, such as the innocent-sounding Pony malicious software. Others, like Kelihos, are spread across Facebook and attempt to steal other personal data. Outside of taking precautions, such as not clicking on links from untrusted parties, users need to invest in a decent anti-virus solution that can deal with the latest and most prevalent threats. A properly configured firewall is a must too.


© 1997 – 2014 Kaspersky Lab ZAO

All Rights Reserved. Industry-leading Antivirus Software