Have You Seen These Pictures of You?!

There’s a common scam making the rounds, and its name is a little misleading. Known as a “vanity scam,” it has nothing to do with an overabundance of pride and everything to do with being misled into clicking a malicious link.

Typically, the scam works in two stages. Step one is to get control over someone’s email account, social media account, or even cellular phone number in order to send a text message. That victim is unaware of this entire process, at least until her friends start calling and complaining about the messages “she” sent them.

Once the scammer has access to an account to use, he sends out the same message to all of the victim’s contacts:

“OMG, you wont beleive this video I found of you! LINK: http:bitly.c98.k33x” (Note the lack of a name and the poor grammar in the message, as both are fairly common.)

You open your email or your Facebook messages and find this communication from someone you know. It might be your sister, your co-worker, or your college roommate whom you haven’t spoken to in years. It really doesn’t matter who it is because it isn’t actually from them. But since you don’t know that their account was hacked, you’re tricked into thinking there’s no harm in clicking the link and seeing this potentially incriminating video.

This is precisely why the term “vanity” is used to describe it. It’s not vanity in the traditional sense that you think you’re too beautiful for words, but more like being afraid for what that video or photos might contain. After all, it’s possible that an old college friend has some pictures from Spring Break in Cabo, so you click the link to see how bad it could be. Instead of your photos or video, though, the link downloads malicious software to your computer.

This is the very reason why computer users are cautioned to never click a link or open an attachment if they weren’t expecting it, even if it appears to come from someone they know. There’s an excellent chance the sender’s account was hacked and they’re completely unaware. However, it’s important to mention that this scam has also been used by strangers on social media, meaning it didn’t come from someone you know well; if you have a large “friends” list on Facebook, you probably don’t know every single person by name. In that case, it’s even more important to skip the link altogether and just ignore the message.