/pcq/media/agency_attachments/L8pkS8gpnodJThOdAfv1.jpg)
Follow Us/pcq/media/post_banners/wp-content/uploads/2016/10/Snip20161006_2.png)
Once Kim Kardashian West’s spokesperson and Paris officials revealed that she was robbed at gunpoint in her private Paris residence, Norton recorded a whopping 2400% increase in Kim Kardashian related spam and scams within first 24 hours of the revelation. Cybercriminals were quick to notice the high public interest and capitalized on the trending news to entice people to click on links or attachments.
Attackers used a social engineering tactic that uses current events as a hook to play on people’s emotions and attract attention. They do so by posting sensational or emotional breaking news stories; sometimes capitalizing on a recent news event, or making up a fake, shocking news story. In this case, nearly one hundred different subject-line variations were seen in spam messages alone associated with Kardashian’s name, including “Breaking News” and “Photos of” in the subject line. The majority of messages Norton has tracked are in English, French and German.
Ways to Spot a Fake
Be skeptical. Just because you see it on your feed doesn’t necessarily mean it is true. Sometimes, your friends may have fallen victim to the scam and are not aware of it; scammers using click-jacking could have hijacked their account. Always check the link before clicking. You can do that by either hovering over the link or looking directly below the link itself on the Facebook post, which shows the referring website’s URL. Only visit known and trusted websites.
Be very suspicious when there is a call to action before being able to view the content. Moreover, actions such as having to share the media before viewing, requests to take a survey or download additional software are all huge red flags. If you need to know if the event happened, use a search engine to verify the validity of the headline. If you were to type in the subject of the event, you would see stories about how it is a fake. If it were a real story, there would be several news articles listed about the event. You can also visit trusted news sites to verify the story.
Top tips for staying safe from social engineering scams:
Don’t open e-mails or click on attachments from those you don’t know.
Be sceptical: just because you’ve seen it on your newsfeed doesn’t mean it’s not a scam. Your friends may have fallen victim to a click-jacking scam and are not even aware of it.
Think before clicking: Hover over the URL before clicking to see what kind of site you’ll be redirected to – a good rule of thumb is to visit only websites you know and trust.
Be suspicious of any calls to action: if it asks you to fill our information, download a plug-in (which could be malware in disguise) or share with friends before watching or reading the content, that should be an immediate red flag.
Report suspicious activities or content to the social media platform or your e-mail service provider.