1. Phishing & Spoofing
Phishing is the process of trying to dupe you into disclosing private details – it could be your email, social media accounts, your bank account or credit card details, anything that’s useful to online criminals. The financial and reputational loss that can occur as a result of handing over these account credentials is easy to imagine.
While individuals are always a target, businesses often provide richer pickings for online criminals. The scams regularly involve receiving an email or online message that appears to come from a trusted social media connection or business contact, but is actually a carefully-designed fake.
Phishing emails will often contain links to spoof websites that are practically identical to the real sites they are trying to mimic. Some will collect your login information then link you back to the genuine site, covering their tracks in the process.
To stay safe, always be wary of emails or messages asking you for personal information, or requiring you to click website links to verify personal accounts. Check for the padlock symbol on domains, that they’re spelled correctly, and be suspicious of websites that have long, confusing addresses.
2. Fake software
A common technique used by online scammers is to panic you into downloading their software. You may receive an email or pop-up alert that your computer has been infected by a virus and that you urgently need to download a new piece of software to repair it. Don’t get caught out. Often, nothing has infected your computer and the software you to download to fix the non-existent problem actually implants malicious code onto your computer.
Some rogue software might also lure you into a fraudulent transaction (for example, upgrading to a non-existent paid version of a program), steal your personal information or disable updates to legitimate antivirus software.
To protect your computer, always be sure to have firewall, antivirus and antispyware software installed – and switched on. Be wary of downloading freeware or shareware unless you’re sure they are from a reputable source.
3. Fake Twitter accreditation
Verified accounts on Twitter allow you, in theory at least, to tell the difference between a real person or company’s account and those of potential imposters. Accounts verified by Twitter feature a blue tick badge on the profile page. Scammers will create Twitter profiles that look similar to official Twitter accounts and purport to be from the verification team. They encourage Twitter users who would like to be verified to carry out tasks on Twitter, usually following specific accounts or promoting their content.
For a business, the reputational costs of re-tweeting content from bogus accounts or communicating with fraudsters on Twitter can be significant. Twitter will never ask you to re-tweet their content so be suspicious of any official-looking Twitter accounts that ask you to do so. Also, Twitter accounts are always verified themselves, so if you’re suspicious, check that they are. Blue verification badges can be faked using profile background images, so double-check that an account is genuinely verified by hovering your mouse over the blue badge. If it is a genuine verified account, a tool-tip will display to confirm that the account has been verified by Twitter’s team. If no message appears, it’s a fake that shouldn’t be trusted, and should be reported to Twitter.