The FBI’s Atlanta Division has issued a public warning about a new wave of cybercrime targeting verified social media accounts. Cybercriminals are using these high-profile accounts to promote scams and malicious software, often affecting large audiences who trust the credibility of verified influencers.
According to the FBI, these account takeovers are carried out through phishing or social engineering tactics, allowing the scammers to access established followings and spread their fraudulent schemes more effectively.
Just the Facts:
- Targeted Accounts: Verified social media profiles, often with substantial followings, are being compromised by cybercriminals. This has allowed scammers to reach followers who are more likely to trust the content shared by verified accounts.
- Scams Involved: Many of these hijacked accounts are promoting cryptocurrency “giveaway” scams, which frequently link to malicious websites that aim to steal wallet information. Other common scams include links to supposedly free software downloads that, instead, lead to malware.
- Impact of Malware: The malicious software embedded in these scams can capture sensitive information such as usernames, passwords, and cookies. This enables cybercriminals to potentially take over additional accounts owned by the victim.
How to Stay Safe:
- For Followers:
- Avoid assuming that verified accounts are always under the control of the actual influencer or creator, especially if the content seems out of character.
- Be cautious of posts that use urgency to compel you to click on links, especially if they offer cryptocurrency giveaways or free downloads.
- Verify unfamiliar links by checking the website’s “WHOIS” data, and proceed with caution if the domain was recently registered or is from a country with a high prevalence of cybercrime, such as Russia and China.
- For Influencers:
- Strengthen security by using unique passwords and enabling multi-factor authentication.
- Be wary of unsolicited emails claiming to be from social media platforms, especially if they ask for login credentials.
- Regularly monitor account activity and check for unfamiliar devices logged into your account.
How You Can Help: Anyone who has fallen victim to an account takeover or has encountered an online scam is encouraged to report the incident to the FBI’s Internet Crime Complaint Center (IC3) at www.ic3.gov. By reporting these crimes, victims can aid in tracking and curbing the spread of such cyber threats.