Pokemon GO is prime social media bait. Even as the hype dies down, Facebook is still filled with Pokemon GO accounts and groups, many with millions of followers. Other accounts pop up on Instagram, Twitter and Tumblr. A recent report has identified that more than 30 per cent of Pokemon GO social media accounts are fraudulent or hyperlink to trojans.
Of all the 'Pokemon Go' accounts on Facebook, I found five that had more likes than the official page (which, for some reason, remains unverified). While most of these are harmless fan-pages that will only inconvenience you by linking you to spammy sites, many of the accounts harbour hyperlinks to trojans.
For reference, the official Pokemon GO page is the one that usually starts posts with "Trainers," and posts oddly useless 'tips' like this:
Researchers from Proofpoint recently looked at a sample of 543 Pokemon GO accounts across Facebook, Twitter and Tumblr. Of these, 30% were suspect in some way:
• 44 accounts had links to download files, many purporting to be Pokémon GO, game guides, etc. • 79 were imposter accounts • 21 accounts promised "free giveaways"
Of course most of us have the sense to know that a Facebook page probably won't actually give you free Poke Coins, but with a game with a large audience of young people, it's no surprise that these tactics are being used. Some of the tricks used are a bit sneakier — back in July, an official-looking page offered to distribute legendary Pokemon if trainers filled out their details on a form.
While Instagram wasn't included in the study, its got more than its fair share of Pokemon GO spam accounts. Here's just a selection of the accounts that will pop up if you tag #PokemonGO:
The worst offenders tend to be the accounts that offer hacks and cheats. You know the saying — if it sounds too good to be true, it probably is. This is one of the pages where researchers identified a link to the Downware trojan, though they're a little behind the times if they're still advertising Level 15 as something to strive for.
This comes after the news that a PC version of the game being distributed was a type of ransomware. The lesson here is basically to be careful what Pokemon GO-related links you click on social media, and to make sure you're following the right accounts. When something gets the kind of reach that Pokemon GO has, it's only a matter of time before people use it as a vehicle for infecting your device with malicious software.