1. Fake Google+ invitations
"Scammers use themes such as invitations to new social networks," says Assolini, who pointed to this specific example, which is popular among Brazilian cybercriminals. Targeting Portuguese speakers, attackers have been sending out fake invites to Google+ that contain malicious links to malware, specifically bank Trojans.
Interestingly enough, the body of the invitation also contains a link to a separate web form hosted on Google Docs. It says to fill out the form to send the invitation to your friends, but really it's simply a means to perpetuate the scam by collecting the names and emails of new victims.
2. Instagram lottery scam
Profiles began popping up around April belonging to so-called lottery winners in both the US and the UK, and they post pictures of the "winning" tickets. The poster writes below the image that he just won millions of dollars and intends to donate a thousand dollars to each of the first 80,000 people that follow him. All they have to do, of course, is leave a comment with their email address.
"I thought, it's got to be a joke, these people can't believe this is going to happen," says Narang. "But I go and look on the comments and I see that people are posting their emails! Do you honestly think this guy is going to send people money just for following him? Yeah, they do!"
Narang said that the scammers even try to double down after getting people to follow their profiles: they link to another Instagram profile and say that it's their accountant's, and that users should follow him to get instructions on how to get their money. Suddenly, the scheme has a monetizing factor behind it, too.
"He goes, 'I'm getting ready to send out checks, but I need you to donate 99 cents for postage to receive your thousand dollars. Click this link," says Narang. "And people were commenting, 'I just sent you 99 cents.'"
3. Shocking news that you won't believe!
Indeed, a link has been doing the rounds on Facebook, claiming to be a video of the Malaysia Airlines Flight MH17 crash. Needless to say, the link doesn't lead to a video at all, but rather spammy, pop-up filled sites or offensive content.
4. Tinder scams abound
"You say, 'But it's asking for a credit card,' and they say, 'Oh, it's just to make sure you're 18,'" says Satnam Narang, security response manager at Symantec. "But if you don't cancel within three days, you get charged a premium rate for service, anywhere between 40 and 80 bucks."
Then there are the fake prostitution profiles where there is text over the image saying, "GFE" (girlfriend experience) with a URL and a username. Should a user visit that address, they will be taken to an adult dating or casual hookup site. The appeal for scammers here is they can use this to monetize their scheme by way of PPL (pay per lead).
"If you end up signing up for a premium service, the scammers get even more money," says Narang.
There have also been spambots that inundate Tinder users with requests to install apps, specifically games, on their phones (see above). Again, monetization is the goal here: with every install, the scammers make more money.
5. Requests through Snapchat to take action
Snapchat spam has shown up primarily in the form of scammers sending photos with a caption requesting that the recipient manually perform an action on their own. These requests have included adding a username on Kik, visiting a website that pushes diet spam, or going to an external site to claim a prize that they have supposedly won.
That said, Symantec expects users of the app to see more direct forms of spamming now that Snapchat has a native chat function. Luckily, chats from non-friends do not make URLs clickable; should a user be intent on visiting the address, they must copy and paste it into their browser themselves.
6. Malware spread via Facebook Messenger, Twitter
After the user clicks the link in the message, a malicious applet is installed and used to download a number of other files, including code that's used to steal users' Facebook passwords. The victim's profile is connected to either Ebuddy.com or the mobile version of Facebook, at which point the infected profile begins to resend the message to other users.
Once a user has been infected, the worm is also capable of spreading the message (and malicious link) through other messengers and social networks, including Google Talk, Orkut, and Twitter.
7. The diet pill scam
While scammers often use fake profiles they've generated themselves, says Narang, they usually end up getting shut down by the social network's services, at which point they turn to compromising legitimate profiles.
"These people were well known users with thousands of followers, and they got compromised and they were posting messages about, 'I can't believe I lost weight with these pills' and a link," says Narang. "One of the profiles they did compromise was a well-known fitness trainer. Considering she's in fitness and talking about weight loss, that probably got people to click through and buy the pills."
8. Directing users to Kik...and then to worse
As with the other adult webcam spam, the issue lies in whether or not the user gives up their credit card number after clicking through to the site. Should they surrender their information, they are only charged a nominal fee initially, but are then hit with "premium" fees for much larger amounts if they don't cancel shortly thereafter.
9. Malicious Chrome extensions on Facebook
"Scammers have been offering a supposed 'virus removal tool' to clean your profile," says Assolini, "when in reality it installs a malicious Chrome extension and then uses your profile to attack friends."
This recent scam -- which includes variations like promising the ability to change the color of your Facebook profile or to see who visited it -- asks users to install an application from a Facebook page, which is in fact a malicious Chrome extension. While this may not be particularly unique in and of itself, the real shocker lies in the fact that at least one malicious extension was hosted on Google's official Chrome Web Store. To further mask itself, the extension was labeled as "Adobe Flash Player." Google has since removed the extension in question, but Assolini says that scammers are uploading new extensions regularly.
Once installed, the extension has commands to use the infected profile to send messages to the user's friends, encouraging them to download it as well. The script file that the extension downloads can also command the profile to "like" pages, thereby giving the attackers the ability to monetize the scam by selling Facebook "likes" for other pages.
"People are obsessed with getting hundreds of likes," says Narang, "So they're giving up their credentials to get likes. They're willingly opting into this botnet."
On top of people voluntarily giving up credentials to someone they don't know or trust, they are also violating Instagram's Terms of Service. The interface used to get likes for your photographs involves exchanging coins for likes, and more can be acquired through in-app purchases or by using certain hashtags.
"If you post one picture a day with a certain hashtag, you get 20 likes automatically," says Narang. "That's in direct violation of Instagram's Terms of Service."
Culled from: csoonline