We all have our areas of interest — make that obsession — and when something related to them crops up online, we can be instantly transformed into monster click-machines. The problem here: Many of those clicks can either lead to your victimization or becoming an unwitting co-conspirator in cybercrime.
To make matters worse, once your computer is infected, it can become a soldier in a zombie army — aiding and abetting a variety of online crimes — not to mention a conduit for transmitting your information to people who view the theft of your data as their day job.
In the best-case scenarios, the objects of our passion and mania are used by unscrupulous click farmers to trick you into helping them make money. Usually this has to do with artificially driving up traffic or social interaction for a product or site, but there are plenty of worst-case scenarios.
Here are some common tactics and items that will, unfortunately, sound all too familiar to you.
Recently, it was Robin Williams (or worse yet, this week’s tragic beheading in the desert), but any celebrity or high-profile person will do. And it doesn’t have to be a murder or death—Justin Bieber getting arrested is a sufficient catalyst. When the news goes into real-time mode, scammers come out of the woodwork offering bread and circuses to the world: the panache of what’s missing — something new.
Sometimes there’s malware attached to the video or “breaking news.” Or in the case of Robin Williams, there was no video and no malware. Instead, the Robin Williams links circulated on Facebook sent users to a fake BBC site, which required them to share the video on Facebook before they could see it. The result: an avalanche of posts about a nonexistent video.
The same click-stealing method has been associated with the real death of Amy Winehouse and the fake death of many others. Celebrity sex tapes follow a similar path. The bottom line at the user end is that if the content you want to view requires an action on your part, the only action you should take is to close that window in your browser.
|Your Facebook Friends|
Facebook is the second most-trafficked site on the Internet. When it comes to your time and productivity, Mark Zuckerberg has given us the ultimate gift that keeps on taking.
Because the herd is so large, scammers have spent a lot of time hatching schemes for harvesting everything from clicks and “likes” to the kinds of personally identifiable information that can be used to commit serious financial fraud, health insurance fraud and a host of identity-related crimes. And it all depends on your obsession with what your friends are talking about this hour.
Here is a list of common Facebook scams. But the rule of thumb is simple: If you aren’t sure about something on the second biggest site online, go to the number one trafficked site – Google — and check it out before you click. Don’t just blindly “like” a friend’s Facebook post without knowing what’s behind it.
The way hackers work this particular scam is very specific and most likely not one that need overly concern you (unless you’re a terrorist or happen to own or run a large corporation with trade secrets that are worth billions in the grubby little fingers of a rival nation state).
The Citizen Lab at the University of Toronto studies the way information moves—including the way it can be filtered and grabbed and re-routed. A recent report detailed leaked information about software that took advantage of the flow of clear-text data used on YouTube (the opposite of encrypted data, which is how email and other sensitive information moves around the Internet).
The technique detailed by Citizen Lab created a very sophisticated man-in-the-middle hack that allows nation states to place surveillance software on a target computer. The underlying assumption: Even the bad guys watch cat videos.
Could it become available to a crime ring or terrorists who want to create data havoc? Of course it could. Worry level: SNAFU.
Let’s say “someone” is clicking on pornographic images. Then suddenly a window pops open showing something truly revolting—and illegal—followed immediately by a message informing the voyeur that his or her device is locked, but can be unlocked for a $300 penalty fee. That’s known as the FBI ransomware scam. The idea is that you’ll pony up some cash just so no one ever has to know what you were viewing at the time.
The most recent version of this malware is bouncing around the Android platform, but it can be found all over the Internet. Embarrassment aside, it can be fixed, but it will take time. While there’s plenty of advice out there for staying safe – like making sure you only install legitimate apps, and don’t fall for phishing attacks, to name some — you won’t be safe unless you heed it.
Adam Levin is chairman and co-founder of Credit.com and Identity Theft 911. His experience as former director of the New Jersey Division of Consumer Affairs gives him unique insight into consumer privacy, legislation and financial advocacy. He is a nationally recognized expert on identity theft and credit.