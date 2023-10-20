Reddit, the 18th most visited website in the world and the 7th most frequented social network, is not immune to cyber fraud. ESET, a leading proactive threat detection company, warns that in addition to legitimate subreddits, funny photos of aliens, and annual April Fools’ Day events, Reddit users may also encounter various types of scams on the site, including scams that aim to steal their data and money.

According to ESET, some common types of fraud to be aware of when using Reddit are:

Phishing: This form of scam takes the form of an email or text message that pretends to be a legitimate request for login credentials, credit card information, or other personal data. Phishing scams on Reddit are often spread through private messages that forum moderators cannot read, making it easier for criminals to trick victims into clicking on suspicious links and providing their login credentials or downloading malware onto their devices. Spearphishing: A specific and more sophisticated version of phishing, spearphishing involves messages that are specially crafted for an individual or group of people, such as employees of a company. Active Reddit users who reveal too much information about their lives in subreddits or even on other sites can be particularly susceptible to this type of attack. Fake subreddits: Reddit’s main feature is its ability to allow people to create their own discussion spaces known as “subreddits,” which are then overseen moderators who ensure users follow the rules. However, scammers always look for ways to exploit this trust using bots to generate new subreddits where everything is essentially fake: moderators, subredditors, and posts taken from legitimate sources. Fake subreddits often pretend to be cryptocurrency trading forums, with their moderators posing as legitimate traders. Charity scams: Some Reddit forums are dedicated to charitable causes. Unfortunately, they can also become breeding grounds for scams as scammers pretend to be legitimate charitable services and take advantage of the empathy of kind-hearted individuals. Scamming the needy: Some scams even involve fraudsters attempting to steal money from individuals who do not have much and are seeking help. Crypto scams: Reddit is also popular among the cryptocurrency community as it caters to people who follow the latest trends in cryptocurrency and seek advice on trading. However, Redditors often express their frustrations about messages promising to double their investments or promote new coins that guarantee unrealistically high profits. These messages usually come from organized groups that have obtained a large amount of “shitcoins,” or low-value cryptocurrencies, and try to sell them at inflated prices through online marketing campaigns. To protect themselves from these scams, ESET recommends questioning anything that seems too good to be true and reporting extravagant offers or refund promises to forum administrators.

In addition to these types of scams, ESET also investigated two different types of fraud on Reddit:

A) Spam and upvoting networks: Spam is a serious problem on Reddit, exacerbated well-organized groups that abuse the site’s voting system, create fake and potentially harmful content, and then promote it on Reddit with the help of fake accounts. They promote clickbait articles with attention-grabbing headlines, but the content is often poorly written and filled with advertisements. Despite lacking substance, these articles accumulate a lot of upvotes and positive comments, pushing them to the top positions on the subreddit’s main page. There is a thriving market for upvotes on Reddit, with prices ranging from $20 to $50 per 1,000 votes. If you identify a promoted article with a suspicious associated link, do not click on it and report the case to the subreddit administrators.

B) Karma farming: Reddit relies on a karma system to distinguish between authentic and fraudulent accounts, but scammers have learned how topass it. They create accounts that copy and paste old legitimate content from Reddit, increasing their own karma score and posing as legitimate users. In Reddit’s 2022 Transparency Report, it was revealed that administrators and moderators removed 4% of the content posted on the site in 2022. An overwhelming 80% of these removals were attributed to spam, particularly karma farming.

It is essential for Reddit users to be cautious and skeptical of suspicious messages, links, and offers on the platform. Being aware of these common scams can help protect users from falling victim to online fraud.

