New Account Draining Method Appears on LinkedIn-Instagram, Recognize & Prevent

Jakarta, CNBC Indonesia –Social media such as Facebook, Instagram, and LinkedIn, have now become a field for cybercriminals to ensnare victims through malicious links hidden behind advertisements, direct messages (DM), and clickbait content uploads.

Phishing on social media is different from regular spam emails. Here, cyber attacks feel more personal and convincing. Criminals use personal data available on the internet to create targeted attacks. They can even impersonate close friends, coworkers, or a brand.

Fake profiles that imitate official company accounts or popular figures are also increasingly common. The goal is to make victims believe and then click on the trap link that has been inserted in the message or upload.

Usually, this malicious link is disguised in an attractive offer, surprising news, or the lure of a prize. If clicked, the victim will be directed to a fake site or automatically download malware that steals personal data.

Phishing links usually have a different pattern from links in general. Here are the characteristics of phishing links that you need to be aware of:

1. Links with suspicious spelling and formatting

Phishing links often use domains that are similar to the original site but have additional symbols or random letters, such as faceb00k-login.com or amzn-prime-update.net. These types of links are often inserted into promotional messages or fake prize quizzes.

2. Unprofessional language and writing

Phishing content is generally written with many spelling errors, inconsistent grammar, and uses informal language. This indicates that the message does not come from an official company.

3. Sent at unusual hours

If you receive a message that comes in the middle of the night or on weekends from an account that is supposed to be official, it should be suspected as phishing. Usually the perpetrators target moments when the victim is off guard.

4. Urgent or threatening tone

“Click this link immediately before your account is disabled!” or “Reply within 24 hours to claim the prize” are common sentences used to provoke panic. Avoid responding to messages with time pressure like this.

5. Strange attachments

Criminals usually insert malicious attachments in. Many people open them out of curiosity, and unknowingly click on the link or button inside. The attachment can be a Word file or a zip file that, if opened, will infect your device with malware that steals login data. So, never open suspicious attachments.

How to prevent phishing on social media

To avoid phishing traps, here are preventive steps that social media users can take:

Verify the sender or account before interacting. Always check the profile thoroughly, especially if you receive a message from an account you have never met.

Check suspicious links before clicking on them. Use a URL checker tool or hover over the link to see the real destination.

Set account privacy so that it is not easily accessible to strangers.

Report and block suspicious accounts to avoid falling victim to others.

SOURCE : CNBC INDONESIA