Impersonation over FB still frequent, says CyberSecurity Malaysia

Cases of online impersonations, including those who pretend to be another Facebook user, are still rampant in Malaysia.

This is because users are not careful when they share information, says CyberSecurity Malaysia (CSM) chief executive officer Datuk Dr Amirudin Abdul Wahab.

“They do not set their accounts to be private. It is accessible publicly, giving the opportunity to be targeted by perpetrators.

“Sharing too much info without boundaries, using public WiFi to access social media and to fill in important forms also exposes users to threats,” he tells Sunday Star.

In fact, the CSM has recorded a rising trend in online fraud cases every month between January and May this year.

Online fraud, including impersonation on social media, make up the bulk of reported cybersecurity cases, with 234 in January and steadily increasing to 467 in May.

Last year, a total of 3,821 cyber fraud incidents were reported to the CSM.

On cases of victims being tricked into buying online game credits for scammers, CSM says it has received similar reports of such incidents.

Such scammers usually impersonate the victim’s friend on social media, asking for their phone numbers on the pretext that they have lost their phone and contacts.

Because victims trust the “friend”, they oblige and follow instructions.

In one case, a conman tricked the victim into sending an SMS to a number and asked the victim to send the screenshot to him.

“This is despite the SMS clearly requesting confirmation to buy something or containing words like “do not share the code”.

“The victim forwards it anyway because they trust their “friend”, causing their telco bill to be charged,” Dr Amirudin explains.

Another cyber scammer even assured he would repay the victim after he followed through with the steps.

“But the victim was left poorer in the end.

“One of the fraudster’s main objectives is to manipulate a user’s trust.

“They will use methods such as impersonation to cheat their victims to get money or free services,” says Dr Amirudin.

Fraudsters may also hack into a victim’s account to gain direct access.

In such cases, victims would likely have accounts with higher privileges in terms of gaming levels or unsecured accounts.

Condemning these cybercrimes, Dr Amirudin describes them as a combination of fraud, identity theft and a violation of individual privacy.

“The victims should verify any request they receive from social media and messaging apps, even from their closest friends or family members.

“Just a simple call to confirm will do, before doing anything as instructed.

“This is because such techniques seem to be successful,” he says, referring to social engineering methods to manipulate a victim’s weaknesses, trust or relationship into giving their personal information.

Dr Amirudin advises the public to safeguard their email as it is often a vehicle to transmit malware and commit fraud.

https://www.thestar.com.my/news/nation/2018/06/24/impersonation-over-fb-still-frequent-says-cybersecurity-malaysia/