資訊科技小貼士 甚麼是惡作劇謊言?; Information Security Tips Series What’s ‘hoax’? (Offbeat 974)

隨著互聯網的興起與智能手機的普及,一般人很容易地經由社交平台分享個人興趣及生活資訊。多元化的網上社交平台都為註冊用戶提供各種應用軟件來發布消息, 包括網上聊天室、短訊、電郵、文件共享及日誌等。可是使用者又有否注意到信息的真確性呢?否則,便很容易墮進惡作劇謊言的陷阱

惡作劇謊言的內容通常是一些虛構或不真實的信息,指示接收者將信息轉寄他人,如果不順從指示,就會受到某種威脅或嚴重後果。更嚴重的情況下,惡作劇謊言會 要求接收者提供個人或財務資料,最後導致損失。早期的惡作劇謊言主要經由電子郵件傳播,但現在已經蔓延到社交平台。以下是一些較為常見的惡作劇謊言事例:

事例一:Facebook上的惡作劇謊言「某某咖啡店送 您 $50 禮品咭」

在某某咖啡店贈送禮品事件中,Facebook 用戶遵從惡作劇謊言的指示瀏覽駭客在Facebook生活時報上的留言。當用戶按下讚好按鈕後,這則惡作劇謊言便會自動顯示於用戶的個人生活時報上。同時 用戶亦被帶往一個惡意網站,當提供個人資料後便會獲得咖啡店禮品咭。最後,用戶當然沒有收到任何禮品咭,反而受到更多廣告郵件、短訊及電話的滋擾。

事例二:經由短訊散播的惡作劇謊言「某某手機應用程式要 繳交額外附加費」

惡作劇謊言除可經由網絡傳送,亦可經由短訊散播。早前曾發生利用短訊散播某某手機應用程式的惡作劇謊言。騙徒冒充電訊公司發出短訊,警告用戶如果使用某某 手機應用程式作網絡信息傳輸,便要為每個信息繳交額外附加費。甚至警告使用該程式會令用戶的個人私隱被泄露,短短數日內,數以千計的使用者因沒有核實短訊 的官方來源,誤信惡作劇謊言而移除該應用程式。

衡量惡作劇謊言的信息可考慮以下幾點
* 相同的信息標題與內容是否已被多次轉寄?
* 信息中的內容是否出現亂碼文字?
* 有否要求接收者提供個人或財務資料?
* 曾否參加信息發布者的活動?

如 何防範惡作劇謊言
* 避免向陌人生透露你的個人資料。
* 若內容提及某機構活動,應核實官方發表的消息。
* 開啟不明來歷的信息時須小心閱讀及提高警惕
* 開啟所有檔案及附件前,必須經防毒軟件掃瞄。

http://www.police.gov.hk/offbeat/974/chi/

It has become very common to use website or mobile apps to share personal interest and messages. Various social media portals provide multiple ways for users to interact with each other, such as chatting, emailing, file sharing, and blogging. In the meanwhile, can users be assured of the authenticity of information? Otherwise, they would fall into the trap of the social networking hoaxes.

Hoax usually spreads the message or belief of a fictitious or false nature, indicating that the recipient should forward the message to others. If you do not obey this instruction, there would be a threat or serious consequences. In the more serious case, the hoax requires the recipient to provide personal data or financial information, finally leading to losses. Traditionally, hoax appears in the form of a chain email. However, it has spread to chat rooms and social networking websites. The following are some of the more common examples of the hoax.

Case 1: A hoax on Facebook: Free ABC Coffee Shop $50 Gift Card!

Owing to the huge number of worldwide users, Facebook has become a primary target of hackers recently, and its platform is widely attacked by hoaxes as well. In the ABC Coffee Shop hoax, Facebook users were asked to click on a link that redirected them to a malicious page. Then the victims were instructed to post the scam message on their own profiles and click the “like" button. After providing their names, addresses, etc., the victims would receive an ABC Coffee Shop gift card. In fact, the cards were never dispatched to the victims. Hackers would use personal information to obtain further spam Facebook accounts and harass victims through email or SMS messages.

Case 2: SMS hoax: Message delivery charge for ABC mobile app.

In addition to spreading through network, a hoax could also be sent through an SMS message. An example is the message delivery charge for the popular ABC mobile app. The SMS message appeared to be a notification from a telephone company. It made people believe that by using the ABC mobile app, the user would have to pay extra fee for each message, and their privacy would be compromised. As a result, thousands of people removed the app within a few days without verifying the SMS message from the official source.

 

Consider the followings to find out if a message is a hoax

* Have the same header and the body of the message been forwarded many times?

* Are there any unreadable characters appearing in the message?

* Have the proposed business plans requested for personal or financial information?

* Have you ever participated in any activity of the message sender, especially those informing you to get a reward?

 

The ways to avoid a hoax


* protect the privacy of your personal data, and avoid disclosing your personal information to strangers.

* If the message mentions information about any organisation, verify it from the official source.

* Remain cautious when opening messages from unknown sources.

* All files and email attachments should be scanned by anti-virus software with the latest signature before opening

http://www.police.gov.hk/offbeat/974/eng/

Give me comment!

在下方填入你的資料或按右方圖示以社群網站登入:

WordPress.com 標誌

您的留言將使用 WordPress.com 帳號。 登出 /  變更 )

Google photo

您的留言將使用 Google 帳號。 登出 /  變更 )

Twitter picture

您的留言將使用 Twitter 帳號。 登出 /  變更 )

Facebook照片

您的留言將使用 Facebook 帳號。 登出 /  變更 )

連結到 %s

%d 位部落客按了讚: