SEC595: Applied Data Science and AI/Machine Learning for Cybersecurity Professionals

Experience SANS training through course previews.
Learn MoreLet us help.
Contact usBecome a member for instant access to our free resources.
Sign UpWe're here to help.
Contact UsEmma was scrolling through Facebook when she saw a heartfelt post from her cousin, Sarah. The post shared devastating news: Sarah’s elderly father had moved into a retirement care facility and was selling his belongings to help cover medical expenses. Included were pictures of items like his car, jewelry, and vintage furniture at unbelievably low prices.
Wanting to help and score a great deal, Emma quickly contacted Sarah through Facebook Messenger for the first time in years. Sarah was glad to hear from her cousin and updated Emma on her father’s condition. Sarah quickly moved on to payment details, urging Emma to act fast since many items were already spoken for. Emma quickly sent the money, only to discover later that the entire post was a scam.
Emma had never actually been talking to her cousin. Sarah’s Facebook account had been hacked and taken over by a scammer. After gaining full access, the scammer posted fake news about Sarah’s father and then exploited Sarah’s trusted network of friends and family by pretending to sell his items. When people thought they were buying items from Sarah (and supporting her father), they were really paying a scammer who simply walked away with their money.
Scammers are hijacking social media accounts on platforms like Facebook or Instagram, often by figuring out username and passwords. Once inside, they pose as the account owner to share fake posts that often include emotional details to create a sense of urgency and drive people into action. These scams often include stories like being mugged in a city and needing help, or being in a car accident and needing money, or that a loved one passed away and their belongings are being sold.
Victims are drawn in, believing the post is from someone they know and trust. They send money, often via untraceable payment methods like peer-to-peer apps or wire transfers, only to later find out they were not really dealing with their family or friends, and their money is gone.
When it comes to account takeover scams, you are your own best defense. If you suspect you’ve encountered this scam, report the account and notify your social media platform immediately.
Want to go beyond the newsletter? Tune in to the new OUCH! Podcast, where we go deeper on cybersecurity topics and give you extra insights to stay ahead of the threats.