Most of us enjoy getting money back on a good deal — who doesn’t? Criminals know this  and they’re using a vicious malware virus to steal our financial information.  And the criminals are savvy enough to be using social media to do just that.

The Better Business Bureau (BBB) just reported on this latest scam (“New Scam Steals Financial Information From Facebook, Gmail, Yahoo and Hotmail users”).  How does the scam work?  BBB wrote that an offer pops up, for example, on your Facebook with a 20% cash back offer if you link your Visa or MasterCard debit card to your Facebook account.  Don’t do it!  The link is to a version of the Zeus Trojan malware that’s been used for years by scammers to steal people’s financial information.

While the BBB article talks mostly about Facebook, it offers 5 tips that are helpful for any of the social media we use.  Here are the BBB’s tips:

  1. With Facebook, don’t install a game or any other application if you’re not completely sure it’s legitimate
  2. On Twitter and Facebook, be wary of posts heavy with promotional language that seem to be from friends.   One example would be a post that says “Click here and you can get the same $100.00 gift from Amazon that I just did.”
  3. Don’t click on posts or applications claiming to be able to tell you which friends just viewed your profile.  BBB warns that you can’t tell who’s actually viewed your profile and the post or app could be from a scammer wanting to get your personal information.
  4. On Twitter and Facebook, beware of promotional offers with shortened links.  The BBB gave this example of such a link: http://is.gd/b8XwNO.  BBB notes that legitimate businesses often use such links.  But shortened links hide the true URL of the destination website —and thieves use shortened links to direct unwitting victims to a site that will then infect their computers with malware.
  5. You can uninstall a suspicious application if you’ve got any concerns.  On Facebook, click on the “Home” icon; go to “Account Settings”; click on the “Apps” icon and uninstall the suspicious app.  Change your account password in case that’s been compromised.

The FTC (www.ftc.gov) and the BBB ( http://www.bbb.org/data-security) offer more information about ways to protect our privacy and personal information. You can also call the BBB at 520-888-5353 to ask for information if you think you’ve been a victim of an online scam.  You can report the scam to the FBI at: http://www.ic3.gov.

The bottom line: be wary of, and do “due diligence” about, offers that want to get your personal financial information in return for some kind of deal.