A new kind of malware attack is spreading like wildfire on social media including Facebook and through posts on Twitter. There have already been an estimated 500,000 infections worldwide according to researchers at Guardio Labs.
More recently, there is a noticeable surge of fake campaigns on social media sites like Facebook and Twitter where infected promoted posts and ads are deliberately posted to install malware when you click on them.
This new troubling method of spreading malware is known as ‘Malverposting’. Here’s what we know about it.
What is Malverposting?
Malverposting is when someone uses promoted social media posts and tweets to spread malicious software and other security threats. The way these scammers work is by paying for ads that will boost their malicious posts so that more people see them and then fall for their malware scam.
Many of these posts contain content that will bait you into believing that it’s real. Some will be fake ads for clothing or electronics being sold for super cheap prices, while others will try to convince you to invest in a fake scam or download an app that is actually fake.
Credit: Guardio
What are some popular Malverposting campaigns happening now?
One particular campaign that has been gaining traction over the last few months is happening on Facebook. It works by creating new fake business profiles and also hijacks real profiles that have large followings. With these profiles, it overwhelms people’s Facebook feeds with malicious click-bates promising adult-rated photo album downloads for free.
When a victim clicks on the post from this campaign, a malicious ZIP file is downloaded to their computers. The ZIP file contains tons of “photos” that, when clicked, will initiate the process of releasing malware onto the device being used.
Credit: Guardio
The malware will then secretly copy the user’s sessions, cookies, accounts, crypto-wallets, and more and send the information from their computer or device to the scammer without the user’s knowledge. This can severely hurt the users who fall for the bait, and it also deeply hurts the legitimate business profiles whose information gets compromised and essentially halts their business from flourishing in a social media setting.
MORE: HOW SCAMMERS ARE SELLING COUNTERFEIT STAMPS ON FACEBOOK ADS
How can I protect myself if this is happening all over social media?
There are a few steps you can take to make sure that you do not fall for a fake scam on social media. Here are some of my tips:
Look closely at the language of the post.
The language of a post is a lot more important than you think. If you look closely and notice that a post is trying very hard to push a product on people by using insanely low prices that won’t be found anywhere else (like a laptop being sold for $20 for example), then that’s a huge red flag for a scam.
Stop if you see urgent messages from a “friend” asking for money.
It could be a hacker behind that post pretending to be your friend.
Check out a company before you buy.
Do a quick online search for the store’s name and look for reviews and complaints from other customers. You should also check the Better Business Bureau website to see if the store has a rating or any complaints. If you see a lot of negative reviews and comments, don’t trust them.
A Texas mom says she spent the night in jail after speaking up online about dirty water in her town. The case was later dropped, but her story raises a troubling question: could something you post online ever put you at risk?
Missed this event? Sign up via the registration form and see our live recording.
See Kurt’s 2026 picks for practical tech and everyday upgrades.
Don’t deal with a vendor requiring cryptocurrency, gift card, or wire transfer payment.
That’s sure to be a scam.
Have good antivirus software on all your devices.
This story is also another reminder to always have good antivirus software running on your devices, as these social media scams can entail the victim clicking a fake post. Antivirus software on your devices will ensure you are stopped from clicking on any potential malicious links in social media posts.
Special CyberGuy deal: My #1 pick is TotalAV: $19 your first year (80% off) for the TotalAV Antivirus Pro package.
Find my review of Best Antivirus Protection here.
Is Facebook doing anything about this?
The team at Guardio did reach out to Meta (the parent company of Facebook) to make them aware of these alarming facts. According to the security group, Meta’s research and engineering teams are actively working to stop the propagation on their ad network.
Have you noticed any malware scams on social media lately? Comment below.
Have you noticed any malware scams on social media lately? Let us know by commenting below.
FOR MORE SECURITY ALERTS LIKE THIS, SUBSCRIBE TO MY FREE CYBERGUY REPORT HERE
Related:
Copyright 2024 CyberGuy.com. All rights reserved. CyberGuy.com articles and content may contain affiliate links that earn a commission when purchases are made.
🎙 Now Streaming: My New Podcast: The CyberGuy Report
Kurt’s Top Deals
Deals move fast and inventory can be limited, so don’t wait too long.
| 🔥 Editor’s pick  Summer entertaining Ninja SLUSHi Machine (26% off) Frozen drinks and slushies at home in minutes. | |
| 💰 Top deal  Outdoor essential TYPEC Solar Bug Zapper (36% off) Solar-powered bug zappers for patios and camping. |
1 comment
ty 😊