Malware on Social Media: It’s Spreading. How to Protect Yourself.

Posted by:

It’s easy to be relaxed and unguarded when roaming around Facebook. But with the rise of malware on social media, you better amp up the vigilance.

Email phishing and spear phishing attacks are a popular way for cyber scammers to spread malware. But social-media platforms pose significant threats, too.

Facebook, LinkedIn, Twitter, and the like are goldmines of juicy information for crooks.

Once they gather enough personal details from your profile and posts, they can target you with scarily legitimate-sounding email scams. Click a link, and poof! You’re infected with malware.

Or they’ve got their dirty hands on your login credentials to bank, credit-card, and other accounts.

However, you don’t have to stray far from your Facebook or Twitter page to get ambushed. Cyber villains distribute malware through tainted ads, links, and downloadable applications.

And with the skyrocketing popularity of social media among individuals, schools, businesses, and organizations, these abuses are escalating.

Hackers love these platforms, because people tend to be relaxed—if not complacent—when reading, posting, and reacting to information. Users may friend/connect with people they don’t know to build their “tribe,” or they’ll readily interact with strangers.

It’s not uncommon for scammers to create fake profiles so they can engage with—and dupe—unsuspecting victims.

Recently, vulnerabilities in Facebook and LinkedIn allowed the Locky ransomware to embed itself in image and graphic files. Users were warned to avoid clicking on .SVG and even JPG files transmitted via Facebook Messenger.

Here’s a Check Point video of Locky in action on Facebook. (Note: Facebook denies the ransomware infiltration, blaming the problem on a bad Chrome extension.)

Last year, the fraudulent rollout of a Facebook “dislike” button—which appeared in people’s news feeds and encouraged sharing—directed people to two different scam sites. There, visitors were asked to sign up with personal information, giving crooks some juicy private data. 

Think Before You Click

Links that appear to come from family members and friends may be a ruse. Swindlers can hack your connections’ accounts and send messages through their profiles or post infected links on their social-media pages.

Make sure the language of the message is “in character.” Is it written and punctuated the way your friend would normally write? Would your mom really send you that crazy cat video? Beware, too, of attachments with weird extensions, like .SVG.

When in doubt, check with the sender before you open anything. 

Is It Advertising? Or Malvertising?

Ads infected with malware—or malvertising—pepper social-media sites. Since people tend to trust ads they see from “legitimate” companies, they’ll click without hesitation.

That’s when the trouble begins. Clicking on tainted ads can trigger the malware download or send that person to a website that distributes viruses, ransomware, or other bad stuff.

How can you distinguish legitimate ads from fraudulent varieties? While there’s no foolproof method, steer clear of ads that:

  • Look amateurishly designed
  • Contain spelling, grammatical, and/or punctuation errors
  • Resemble clickbait, e.g., promise miracle cures, seduce with celebrity scandal, or entice with overnight success
  • Are inconsistent with your browsing behavior (ads are generally targeted to your interests)

Better yet, don’t click on any ads—even those that appear to come from trustworthy sources. If you see something that interests you, go directly to that company’s web page. Alternatively, use an ad blocker.

Bottom line? Practice safe social media:

  • Limit what you share
  • Engage with people you know and trust
  • Be skeptical of attachments, links, and ads

Of course, it goes (practically) without saying that you should always run strong anti-virus software on your computers/network. That serves as your first line of defense against known malware.

Just as important is user education. All it takes is one misstep to create malware havoc on your system. Share these tips with your staff, students, colleagues, and friends.

Has your school or organization suffered malware attacks? Let us know how you coped in the comments section.

Malware on Social Media: It’s Spreading. How to Protect Yourself.
Article Name
Malware on Social Media: It’s Spreading. How to Protect Yourself.
With the rampant dissemination of malware on social media, it's time to amp up the vigilance factor. Here's what you need to know to stay safe.
Publisher Name
Publisher Logo

About the Author:

Lisa McComsey is a freelance writer, marketing consultant, and contributor to K12USA’s website and blog. In addition to her passion for technology, Lisa is a running and bicycling enthusiast, author of two books ("The Vegan Cheat Sheet" and "Seagan Eating"), and a hopeless chocolate addict.

Add a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.