Don’t Be A Victim To Social Engineering Attacks - How To Spot A Scam

Not a week goes by without another scam, phishing or hidden cyber attack being shared around social media like it’s the best thing since sliced bread. These attacks are hidden in plain sight and designed to lure you in with the chance to win, normally on an item which there is no feasible way any company or person could give away for free! 

The most recent of these, I must have seen shared by 50 people on my Facebook feed alone this week. It is the chance to win a Land Rover Range Rover 2019 Supercharged, now this alone should ring alarm bells, no one is ever going to give you a car for free! Even ITV with Good Morning Britain or Loraine requires you to pay ￡1.50 for entry. The bells should continue to ring when you look at the name of the Facebook page "2019 Range Rover" this is not a page being published by Land Rover or even a car dealership.If you go to the page there is one post, the one everyone is sharing the page has only existed for about a week and will go as soon as the time expires and a new page will be set up.

Your distrust of this post should continue when you see that it says  " Catherine Anderson - United Kingdom was under the legal driving age" this statement alone is a blatant breach of GDPR and no legitimate company would ever share the name of a previous winner, their country and also give their age out. The final reason you should know not to trust this post is the last line "After visit https://www.rangerover2020.com to validate your entry" if this is a Facebook competition why do you need to visit a website to validate your entry and why would the web URL be something set up off the Land Rover main site?

If you managed to miss all of these alarm bells and continued onto the website, you are given yet more warnings this is not real,  The first being that the site asks you to select your location up front and one of the options is "Other". Very rarely to competitions span across country borders. Secondly your device also warns you that something is wrong with the site, if you press the grey (i) next to the web address your device will tell you " This website is not a secure connection". As an IT professional I cannot stress how important it is to never entry any details or press any buttons about your location, or personal data on a site which is not secure.

However, say you missed all of the warning signs and really wanted this car, what happens next? Well once you choose your country you get bounced off to a different website which asks you to enter a mobile phone number and email and is completely unrelated to the post you shared, liked and followed. If you enter your details into this page first of all you are subscribing to a pay to use a text service for at least ￡4.50 per week, for nothing! Second of all you have given the company the right to sell your details and use them however they want. The final sting in all of this is that this company knows what they are doing as the last line of their T & C's states " is not affiliated with, sponsored or endorsed by any of the products or retailers listed" - so back to my very first point that Land Rover knows nothing of and has no link to this product, advert or "competition".

Be safe online and avoid the scams, social engineering like this is becoming more common and could effect you personally or your business on a financial or reputational level. Don’t take the risk, be safe online and think before you share these posts or sign up.

 If you do see these on Facebook please take two minutes to press the three dots and report it as spam, this will teach Facebook not to publish and promote these and make everyone safer online. 

You can read more about the risks that are out there in my previous article here, and if you would like to discuss with myself or any of the cyber security team at Planet IT about how you can better protect your business, should that be with new technology, strategies or even better back ups, you can reach us using the contact details below;

 Contact me at - LinkedIn Message James Dell or Email : [email protected]

 Call 01235 433900 or Email : [email protected]