Social media scams are just one of the many ways cyber criminals are taking advantage of people online these days.
Have you noticed an increase in the number of people getting “hacked” recently?
Has one of your friends or family member suddenly chatted you with mouth-watering crypto investment opportunity on Facebook, Instagram or WhatsApp? Or maybe you’ve a seen post on your timeline of someone saying something like, “Sorry everyone, my Facebook account was hacked!”
The reason scammers target already existing accounts instead of creating new fake ones is that there is an existing level of trust in the among family and friends, so If you and I are friends on Facebook, for example, and you send me a private message, I naturally assume that it is really from you and not spam. As a result, I'm much more likely to follow a click on a link you send or send you money or buy into an investment you have proposed to me.
So what types of social media scams should you be looking out for? Here are some of the top ones.
Direct message scams:
Scammers will send a direct message from the account of a friend with an investment opportunity or with a link. The link will then bring the victim to a fake website, in order to steal their credentials, or ask for money. The scammers are relying on peoples’ trust of their social media friends and natural curiosity to trick victims into clicking and then handing over private information.
Catfish/romance scams:
These scams rely on people’s genuine desires for connection and love in order to defraud them of money. Romance scammers create fake profiles on social media sites like Facebook or Instagram — and, increasingly, on legitimate dating sites — and then connect with intended targets. They come on fast and strong, creating a romantic and/or sexual bond with their victims, and eventually ask for money for an “urgent” reason.
Sugar daddy scams:
Sugar daddy scams are kind of a crossover with romance scams and DM scams. The scammer poses as an older, wealthy man looking to pay a younger woman (aka the sugar baby) for her time. But, surprise! He’s not really a sugar daddy. He’ll ask the young woman to send over money (often via gift cards, which are the favorite payment method for online scammers) in order to “verify” their payment information. In the end, the “sugar baby” ends up being the one who pays, not the other way around.
'Who viewed my profile?’ scams:
Have you ever seen an ad purporting to reveal who viewed your profile? Don’t click on it. Those ads are a form of phishing that prey on peoples’ natural curiosity and vanity. Their only goal is to steal your social media credentials in order to either, a) gain access to your accounts or, b) sell them on the dark web.
Fake advertisements:
These scams utilize fake advertisements that look like they’re from legitimate companies in order to get people to buy non-existent products. Most commonly, people place orders for items that they see advertised online but never receive the items. These types of fake advertisement scams accounted for 35% of all reports of social media scams received from our reporting platforms: Scamwatch.ng/reports
Locked out of my account scams:
This type of social media scam relies on the fact that most people want to be kind and helpful. It usually involves a DM from someone claiming they’ve been locked out of an account and need help getting in. They’ll ask you to click on a link in order to retrieve their password for them but that link will be malicious. That means you’ll either get malware on your device or you’ll be redirected to a site that asks you to enter some type of valuable information — like login credentials or financial information — so they can steal it.
'Please help!' scams
Finally, there will always be scammers who take advantage of people’s sympathy or tragic situations to defraud them. They use hacked Social media accounts to contact people stating that they are in need financial help immediately.
How to avoid getting hacked on social media
Don’t click on links
Especially if they look weird! Ask yourself: Would your friend actually send a link with this subject? And if they would send you a link, would it be a shortened one? Usually the links that scammers send are run through a link shortener in order to disguise what it actually is. So if the link looks fishy, it’s probably phishing.
Be wary of unsolicited messages
If someone you haven’t spoken with in years — or someone you don’t even know — randomly messages you, you should automatically be wary. Now, we’re not saying that anyone reaching out on social media is sketchy. But there’s a higher bar to pass for legitimacy, so don’t assume that just because you’re “friends” online that you’re actually messaging with your friend.
Turn on MFA everywhere
Multi-factor authentication (MFA) is a security measure that requires two or more things from you in order to sign in to an account. For example, your Gmail on your computer might ask that you put in your password and then open the Google Photos app on your phone to confirm that it’s you trying to sign in. The idea here is to prevent someone who has gained access your password — like perhaps through a social media scam — from getting into your account. And since data breaches happen all the time, MFA is essential for security these days.
Practice good password hygiene
Speaking of passwords, you know the rules by now: Use unique passwords (or pass phrases) for every account. Use a password manager to keep track of them all. Change your passwords frequently. And don’t share them with anyone! Your passwords are for you and you alone.
Use an ad blocker
Since one of the ways scammers utilize social media to scam is through fake advertisements, use an ad blocker. It will keep you from even seeing the ads, which means you’re not tempted to click on them. Problem solved!
Make sure you’re running antivirus software
I got hacked on social media! What do I do now?
If you’ve already been targeted by a social media scammer, there are steps you can take to secure your account (and money) against future attacks.
First, you need to immediately change your password. And if you choose not to change it, they could keep taking over your account and spamming your friends or even lock you out of it.
Then, do some accounting: Did you use that password anywhere else? If you did, then you have to go change it on those logins as well. The scammers could sell your information, which would potentially give other criminals access to other accounts of yours if you’ve reused passwords.
Once you’ve regained control of your account, do a little post informing everyone what happened. Likelihood is a bunch of your friends already clicked on a bogus link from “you,” but it’s common courtesy to warn everyone else, just in case. And throw in a little apology as well for any of those friends who did click. Doesn’t hurt!
If you’ve lost access of your accounts, most social media services have a “recover my account” process now. It might be a difficult process, but it’s worth it to stop the scammers who are impersonating you and possibly steal from your family and friends.
Social media scams are just one of the many ways cyber criminals are taking advantage of people online these days. Pay attention, stay skeptical, and remember: Don’t click on any links!
Add new comment