In June, we discussed some common social engineering attacks that you should be aware of while spending time on Facebook. These include seemingly innocent raffle games and fake profiles that victimize those who are easy to accept friend requests.
While technology has made our lives easier in so many ways, this has also led to cybercriminals being more creative when it comes to harming their victims. Social engineering attacks, which seek to manipulate people into giving out their sensitive personal data, continue to evolve. You may see something that looks harmless when you click on it, but it is possible that criminals lurk behind the scenes.
Here are additional social engineering attacks that you should be aware of while surfing online.
Facebook is known for having a lot of online quizzes that you can answer, such as your favorite color or the name of one of your elementary school teachers. Yet, even online quizzes can be used as a way to steal your personal data.
In Australia, there were four cases of individuals reported to have their data stolen after answering Facebook quizzes. Fortunately, nobody suffered financial losses due to the incident. In the state of Massachusetts in the US, the police have warned the public not to share too much information online.
“Hackers are setting these up as a get-to-know-each-other-better game. They then build a profile of you from several different data sources. They use this data to hack your accounts or open lines of credit in your name,” the Sutton Police Department of Massachusetts said.
While there may be some quizzes that are not meant to steal your personal information, the general rule that we should follow is to always be cautious of what we share online.
Getting that blue badge together with your name may look cool given only famous people like celebrities or politicians usually get them. But, do you also know that there are fake verification scams online?
For example, there are purported social media consultants who promise to get you verified on Instagram (which is owned by Facebook) if you pay thousands of dollars to them, according to a report by CNET. CNET also reported a so-called Turkish consultant who promises to get people on social media channels such as TikTok. However, a deeper investigation revealed that people could get tricked by phishing if they click the link the consultant has shared with them.
Verification scams are also gaining traction as these have already been seen in around 70 countries, CNET said.
Aside from your data being stolen in these verification scams, there could also be consequences should you decide to get verified through unauthorized channels.
“If we detect that verification was acquired in a malicious way, or that an individual is selling verified accounts to others, we will take action that could lead to permanent removal from Instagram,” a Facebook spokesperson told CNET.
So, what lesson can we get from here? If you want to get that blue badge, the safest way is to request it from the social media channel you are in.
Have you ever received texts from unknown numbers saying that they can offer you millions of pesos in loans at very low interest rates, say 1-2% per year? Whether your answer is a yes or no, you should know that according to a report by WeLiveSecurity, this is also a common social engineering attack on Facebook.
In exchange for giving you a loan, they would ask for an advance fee from you. While the seemingly excellent financing terms may tempt you to get a loan from them, you should ask yourself whether they are a reputable institution at all. Are they regulated by the Bangko Sentral ng Pilipinas (BSP)? What is their history and experience when it comes to lending to customers?
One sign that it could be a financial scam is that the usage of English is not that proficient, such as noticeable grammatical errors.
To avoid falling victim to a loan scam, the best place to get a loan is from financial institutions regulated by the BSP as the regulator can protect consumers. You are safe with banks because there is a framework of regulations governing their operations to ensure that the banking public’s interests are protected.
This content is part of the Banker’s Association of the Philippines’ (BAP) #CyberSafe campaign, where the BAP aims to promote awareness in cybersecurity. The campaign will upload new posts tackling common web security questions and issues, on Wednesdays and Sundays every week.
For more content on cybersecurity, visit the BAP Official YouTube channel.
