Beware of Social Media Page Cloning Scams!!
There is a concerning scam impacting the hotel industry that we have recently observed. It is crucial for all hotels and businesses to be fully aware of this issue. The scam involves the creation of fake social media pages that replicate existing businesses. These fraudulent pages deceitfully promote products, services, exclusive room rates, and enticing offers, leading unsuspecting customers to make payments. The scamsters employ sophisticated tactics by registering businesses with names similar to their targets, creating an illusion of legitimacy when receiving payments. If your business falls victim to this type of scam, it is essential to take immediate action by following these steps:
If your business is a victim of this type of scam, here are the steps you must take immediately;
- Report the incident to the police in your jurisdiction with all the information, including printed copies of pages, names and details customers affected, and all details.
- Report the incident or page to the platform provider Facebook, Google etc via their on-page reporting feature
- Contact online CyberCrime authorities to report the “Data Incident” and receive a Case ID, this will help you formally request a “Take-Down” notice
- Once the police and cybercrime reporting has been completed, contact the platform providers support line and provide them with the police report and Case ID and request “Take Down” of the Scam page
- Ensure that the “Take-Down” notice has been effected by following up within the stipulated timeframe, this differs for each platform and jurisdiction
Consumers can protect themselves from being victims of Cybercrime and scams by watching out for the following;
- Look for recently created business pages and accounts, scamster normally create these and have them up for a few days or weeks. If a page or account has been around for a short period, it’s a sure sign that it could be a scam.
- Check accounts, pages and bank account details for spelling differences to the main business you are dealing with. Scamsters normally choose a name that has a slight variation of the business they are targeting, whilst some spelling errors can be expected, this will not happen in the name of the business, its page names, or its account.
- Contact the hotel or business directly before making payment to verify the details of your purchase. If you are dealing with someone via messenger or chat, switch to a different communication channel like the companies formal registered email address from their website. If you do not receive any emails from their domain, then do not proceed with payment.
Whilst Thailand users were attacked less in 2021 at around 21%, which is lower than the Global average of 29%, there has been a disturbing increase in Cybercrime in Thailand and around the world. According to some reports, Cybercrimes could cost the Thai economy BTH $286 billion, 2.2% of the country’s total GDP.
As a business, here are some practical tips to harden your Cybersecurity and avoid becoming a victim of a scam;
- Secure your Website by ensuring it is developed according to the best standards, with protection against malicious code and SQL injection scripts. Installing security patches and monitoring software helps you protect your public facing online platforms.
- Ensure your Domain and Hosting Security is robust, reducing the risk of being hijacked by scamsters who can masquerade as your business. Domain protection and regular backup’s can reduce the risk of downtime and business loss.
- Install appropriate Security Certificates on all your Websites, and demand the same of your 3rd party system providers. All weak links in your system can be exploited, so make sure both you and your partners are compliant.
- Create a redundant back-up hosting site that can take over in the event your Website and systems are compromised. This will ensure business continuity so that your losses are minimized in the event of an attack.
- Regularly conduct multiple levels of monitoring on all your Digital Channels, Platforms, and Systems. This includes internal private software and external public facing platforms such as Social Media pages, content streaming services, and business accounts. Sometimes, the first sign that a scam or attack is being planned will be found on Social Media.
- Do ongoing training with your staff on how to spot possible scams, and what to do if they suspect an attack is taking place. Scamsters learn as much about the business before attacking it, this can include speaking to staff and asking questions to learn how a business works. Impersonating employees is one of the main ways Scamster operate and get credibility.
444 MEDIA are here to help. With our global expertise in Digital, we’re able to advise our clients on best practices and standards that can help them keep their online presence safe and secure. Get in touch with us if you’re like to learn more about how we can help you do business online with confidence and peace of mind.