The Cybersecurity Bureau of the Department of Information and Communications Technology (DICT) on Friday, April 26, released a list of eight signs to identify if someone has been targeted by a “hijack profile” scam.
DICT said individuals should be concerned if they notice "unusual activity" in their accounts.
"You observe strange or suspicious behavior on your account, such as postings or messages that you did not send, or changes to your account settings," DICT-Cybersecurity Bureau said in a social media post.
It also advised users to exercise caution if they encounter unexpected "password change" incidents, in which they are unable to log in to their accounts because the password was changed without their knowledge.
Aside from these, a compromised profile may receive "friend requests from strangers," "login alerts," "account lockout," and "spam or phishing messages."
DICT asked users to check their accounts if they receive notifications that someone logs in from an unusual device or location, if their account has been restricted due to suspicious activity such as spamming or acting like a bot, if their account is sending spam and phishing messages to their contacts, or if they have received friend requests or follows from people they do not know.
It added that an individual may be victimized by a hijack profile scam if they experience "account changes" and "unauthorized access to other accounts."
"Your account information, such as your email address or phone number, has been changed without your knowledge or authorization," DICT pointed out.
"If your social media account is linked to other online accounts, you might detect unauthorized access or activity there as well," it added.
What is hijack profile scam?
On April 24, the DICT-Cybersecurity Bureau raised awareness about the hijack profile scam, describing how cybercriminals illicitly gain access to social media accounts.
They then exploit these accounts to send deceptive messages to the owner's contacts, soliciting money under false pretenses.
"The fraudster may employ a variety of strategies, including social engineering, hacking, and phishing, to obtain access to the profile," DICT Cybersecurity said.
READ:
https://mb.com.ph/2024/4/24/dict-raises-public-awareness-against-profile-hijacking-scam