Valentine’s Day has come and gone, and looming ahead—at least for the Philippines—is Graduation Day, usually held in the first or second week of March.
As scammers go to town aiming at your wallet with schemes that can lead to identity theft or a socially transmitted infection—or malware, a new kind of electronic STI, if you like—that can be as painful, Fortinet Ph shares the most common ways in which social media is used to spread infections and tips to help keep you safe during holidays and beyond.
Careful with e-cards. Online greeting cards are an easy way for scammers to infect your computer with malware, which gives them remote access to your files, online banking accounts, and passwords. It can also enlist your computer as a spam-sending “botnet.” So don’t click on embedded links from incoming e-cards, especially when they’re from an unnamed friend or a “secret” admirer. Beware of names you don’t recognize. Social media is built on trust. A friend list comprises people you would trust with your personal information; where you are, what you’re doing, who you’re with. And even if you recognize the sender’s name, check out the card company’s website to open the card and read it. Legitimate e-cards provide a notification message with a confirmation code that lets recipients open cards at those sites.
Shop online safely. It is always safer to shop for a sweetie’s gift from a reputable website instead of depending on keyword searches via search engines. Scammers have been known to create bogus websites, posing as legitimate vendors who sell counterfeit goods or nothing at all while collecting customers’ credit card information that can be fraudulently used.
Facebook enemies. Watch out for poems, love letters, quizzes or other messages on social-media websites supposedly shared by friends. These may be scammer-sent ruses that get you to download malware or make purchases on unsafe websites. Scammers have been known to package malicious software with legitimate software and advertising it on social media as a special deal (also called Adware). Beware, too, of Graduation Day’s teasers or apps that lead you to survey websites that generate commissions for scammers or, depending on the information provided, put you at risk for identity theft. Do think twice before opening Facebook messages with generic greetings such as “Graduation Day” and “Special Greeting”—even if you know the sender. Some rogue apps are instantly spread to others after being opened or posted on a Facebook wall.
Sale-related spam. Expect an inbox brimming with offers for deals on chocolates, jewelry, roses, and other Valentine’s-themed gifts. But be skeptical unless the offer is from a company you’ve done business with, and therefore already has your contact information. Links within such emails can also unleash malware or lead you to scammer-run copycat websites.
But if you just came home to find your Twitter account sending out spam in a foreign language, or you see any other signs of having caught an STI, do the following immediately: change the password of the affected account to one that is secure, more important, and unique, and do the same for any other accounts that use the same password; visit the applications page of the social media site the account was on and revoke access privileges of any apps you don’t recognize; run virus and malware scans on your computer; and let your friends know that your account was compromised and that they should be careful about any strange messages they receive from you.
How to practice safe surfing
Now that you know more about STIs, here are the best ways to prevent infection from the get-go.
Always use (unique) protection. Having secure passwords goes beyond the regular precautions of mixing letters, numbers, and special characters. The most important thing is to have every password be unique to the account it is associated with. This way, having one account breached won’t cause all your other accounts to be vulnerable. Also refrain from using passwords that can be easily guessed, such as the generic “123456” or “password,” or birthdates. Use a password manager to secure your password and help you create new ones that are difficult to guess. Once you have set a secure password, you should change it often and never share it. If for some reason you have to share your password, do not send this information across a network, and change it as soon as possible.
Make VD stand for “Virus Detection”. All computers need to have antivirus and antimalware programs installed and kept updated. It is also recommended to scan your computer on a regular basis, especially if you often download files from the Internet.