An online security firm is warning users to be careful online this holiday season as cybercriminals once again gear up to scam people via social media.

Researchers at ZeroFOX Inc. today said they have found 2,868 fraudulent holiday scam accounts across social media that are attempting to exploit users’ penchants for shopping in the run-up to the new year. The attack campaigns used by those behind them ranged in type but primarily had one thing in common: They involved impersonating a legitimate company in a practice known as “brand hijacking.”

“Scammers hijack this excitement [of the holiday season] and abuse the trust between consumers and brands on social media by creating fraudulent accounts, crafting fake, eye-catching promotions and driving unsuspecting consumers to a variety of malicious ends, including phishing pages, malware exploits and other nefarious schemes,” the report noted.

Reflecting similar trends uncovered in the lead up to Black Friday and Cyber Monday, scammers were once again found to be targeting retail brand categories included fashion, technology, sports, e-commerce, jewelry and food using three different attack methods: phishing links, malware exploits and “fame farming” schemes.

The first two methods would be familiar to most. Phishing involves imitating popular brands in order to trick victims into handing over credit card and other personal information. Malware campaigns involve getting users to click through to external websites that download malicious programs, which can then steal their personal information.

Of the three, the “fame farming” campaign is the most interesting given that it’s not a technique often mentioned in discussions about online security. According to the report, scammers create fake coupons or giveaways to rapidly gather large numbers of followers, likes and shares on services such as Facebook for a number of different purposes. Obvious uses include being able to gather personal information and target users, including “account flipping,” whereby the scammer builds followers to sell the page to others.

ZeroFOX recommends that users should be wary of coupons, offers and promotions distributed through social media sites other than those from the official retailer and also be careful of clicking on any shared links from unknown sources. In addition, users are advised to practice safe internet by ensuring they have up-to-date antivirus software installed on their computers and mobile devices.

Image: caveman_92223/Flickr