When Samiksha Chaturvedi logged on to Facebook a few days ago, she found that a friend had posted a link on her wall: 'OMG!! Samiksha you look so stupid in this video'. Curious, she clicked on it. "I was scared someone created a video of me without my knowledge," she says. "So I just had to check it out."
Little did Chaturvedi know that she was activating a spam that would access her Facebook friend's list. The malicious code then automatically posted similar messages on their walls, as if originating from her. "By the time I realized what I had done, the code had spread amongst my contacts," says the 17-year-old.
Similarly, thousands of other users were trapped into spreading the viral message on the social networking site last week. Hackers use similar ploys to harvest all kinds of user information that can be found online. This data could include contact numbers, login credentials, and even sensitive bank account and credit card details.
"In the underground economy, cybercriminals buy and sell this information. Credit card data is being sold for as little as Rs 5," says Abhijit Limaye, director security solutions company Symantec. Earlier it was email , but current trends point out that hackers find social networks to be a more lucrative playground. "You're more likely to do things your friends recommend and most users get fooled because the messages appear to come from people they trust," says Christian Funk of online security firm Kaspersky.
Identifying scams
If the same link is shared by multiple people – and if it is all over your Facebook newsfeed — it may be a spam. Any application that promises to tell you who checked your profile on Facebook is definitely spam. Any post that is baiting: Shocking images, unbelievable news, contests that will grant you millions of rupee. Links that promise freebies.
It's usually a chance to win a free iPad or some other expensive gadget. Links that have been posted on your Facebook wall or direct messages from Twitter friends you hardly interact with. If the link comes in a language or writing style that doesn't match with the personality of your friend, there is a big chance that it might be spam. Be careful with links that have been shortened using a URL shortening service as these services can easily be used by hackers to direct you to a malicious site.