Though cybercriminals are always looking for ways to scam people out of money and private information, the holiday season can be a rich opportunity for those looking to be deceitful.
New Orleans Baptist Theological Seminary found that out this week. In honor of Giving Tuesday, a day set aside to encourage giving to nonprofits, schools and other charities that falls each year on the Tuesday after Thanksgiving, the seminary posted a fun giveaway on its Facebook page Nov. 23.
Within hours, a scammer had created a fake Facebook account claiming to be the seminary in an effort to mislead possible supporters.
The seminary issued a warning on its Facebook page:
This post is to inform you that a fake NOBTS account has been created. The account is under the name “New Orleans Baptist Theological’seminary.”
The account has created a post claiming to announce the winner of our most recent giveaway contest (this is false). Our account will NEVER ask you to enter your credit card information to receive your giveaway prize.
If you receive a friend request from this account, please do not accept it and report the account. Our account is a business page, so it cannot send out friend requests. If you have any questions or concerns, please direct message us.
In a blog post at Walsh College, Dave Schippers, a certified information systems security professional and professor, warns that offering a free giveaway is a frequent delivery method for malware, software designed to damage and destroy computers and computer systems.
While many people are suspicious of such giveaways received via email, users may not recognize them so easily on social media platforms.
Schippers cautions social media users to avoid direct messages with links to surveys, websites or pages that require an additional login for Facebook or an email provider.
When it comes to fake Facebook accounts, Schippers offers this common-sense advice: “If you’re already connected on Facebook, you should not receive a second Facebook friend request.”
Cloned accounts
If you use Facebook frequently, no doubt you’ve seen a post from a friend declaring he or she has been “hacked” and not to accept a new friend request from them.
The folks at ricksdailytips.com provide some reassurance on this common Facebook phenomenon, noting “the situation really isn’t as dire as it seems.”
In most cases, Rick says, those duplicate friend requests are being sent from an entirely different account. In other words, they are cloning the account, not hacking it.
“What they’re doing is simply copying whatever personal info you have made public on your account, along with a few of your pictures and using that info to create a brand-new account in your name. They then send all of your Facebook friends a friend request from the new fake account,” he explains.
So the first step is ignoring or reporting those fake friend requests. (Read more about how to do that here and here.)
Be suspicious
And Schippers says if you do receive a request via Facebook, Messenger or some other social media platform to view content or provide information, always be suspicious.
“If you wouldn’t [take an action] in the physical world, don’t do it in the digital world,” he said. “If you met someone on the street who said they lived in your neighborhood 20 years ago and 10 minutes later asks for your Social Security Number to give you $2,000, you’d be suspicious. You should use the same scrutiny and judgment, and more so, in the digital world.
“Just because someone says something is true, does not mean it is. It just means they said it. … If it sounds too good to be true, 99% of the time, it is not true. Be cautious.”