Information Security

Here’s Something to Post About on Social Media

Social media scams, promising great deals and free money, are currently sweeping the Internet. Don’t believe everything you see — there’s a price to pay when you share too much information or fail to think before you click.

Watch out for these common scams1:

n Facebook: In the Facebook phishing scam, users receive an inbox message stating they have been mentioned in a comment. Scammers hope that users will click on the malicious link in the message, which will download a Trojan to the user’s computer with a malicious chrome extension. When the user logs into Facebook again, the scammers can capture their information and spread the scam to other users.

n Twitter: In the Twitter cash starter kit scam, scammers set up fake profiles on Twitter promoting a “get cash fast” scheme. Users who order the kit surrender credit and debit card information and get charged a hidden $50 membership fee. Scammers also use the information to make fraudulent charges on users’ credit cards.

n Instagram: In the selling account scam, scammers target users who are trying to increase their follower base. Unsuspecting users pay scammers a hefty fee for login credentials to fake accounts with large follower bases. After the user pays the fee, the scammers, the money, and the advertised profile disappear.

n LinkedIn: Fake job offers are among the top scams on job board websites. The scammer takes the user’s personal information from the job application, and hires the user for a short period before he or she is “laid-off.” The scammer does not pay the user for time worked, and steals personal information, such as the user’s social security number.

Please refer to Handbook AS-805, Information Security, part 363, for official social media guidance from the Postal Service™. As a reminder, do not:

n Create unauthorized social media accounts on behalf of the Postal Service;

n Post messages to social media platforms on behalf of the Postal Service*;

n Log into personal social media accounts on any Postal Service devices; or

n Link personal social media accounts to your Postal Service email address.

For more information on cybersecurity best practices, check out the new public-facing CyberSafe at USPS website at uspscybersafe.com or the CyberSafe at USPS page on Blue (blue.usps.gov/cyber/).