#CybersecurityAdvisory: In light of the recent incidents involving the malicious tagging or mentioning on Facebook, the DICT Cybersecurity Bureau recommends the public to remain vigilant and to observe the following:
HOW THE SCAM WORKS
• You get a Facebook notification that someone tagged you in a post.
• It appears to be a link to an “adult” video, and a dozen other Facebook Users are also tagged.
• Upon clicking the link, a pop up window appears saying you need to download a Flash Player update before you can watch the video.
The file you are prompted to download is not really an update — it is a malware. In addition to opening you up to ID theft by scanning for personal and banking information, the malware also perpetuates the scam. It takes over your Facebook account, creates another fake video post and automatically tags a bunch of your friends.
HOW TO PROTECT YOURSELF FROM SOCIAL MEDIA SCAMS
1. Don’t take the bait. Stay away from promotions of “exclusive,” “shocking” or “sensational” footage. If it sounds too outlandish to be true, it is probably a scam.
2. Be careful of shortened links. Scammers use link-shortening services to disguise malicious links. Don’t fall for it. If you don’t recognize the link destination, don’t click.
3. Don’t trust your friends’ taste online. It might not actually be them “liking” or sharing scam links to photos. Their account may have been hacked or compromised by malware.
4. Report scam posts and other suspicious activity by following the instructions here: https://www.facebook.com/help/217854714899185