Social media platforms such as Facebook, Instagram, Snapchat, etc., are common ways to connect with others, but they also provide active venues where criminals target innocent victims. Every day, new and different scams take millions of people off their guard, resulting in financial losses, identity theft, account takeovers, the spread of malware, and personal manipulation. If you use social media, no matter your age, be aware that not everything is as it seems online. It’s important to stay on your toes.
What are social media scams?
Social media scams are deceptive offers, transactions, or interactions that originate on social media, messaging platforms, or apps. These scams are designed to trick you into sharing personal information, and ultimately, parting with your money.
Types of social media scams
The primary objective of most scammers is to increase their own financial gain. Social media scams use various complex and convoluted methods to achieve that end. Tactics may include:
If a catchy headline enticed you into reading a single paragraph per clickable page, you’ve landed in the clickbait zone. You may be safe if you have good antivirus protection; otherwise, you might get infected with malware and a scammer may hold your device hostage until you pay up.
Scammers set up fake profiles on dating sites or apps, then earn your trust and build rapport. After you share personal information, they may ask for money, or involve you in a cryptocurrency, fake check, or gift card scam.
Dishonest sellers can lure you into buying desirable products at steep discounts. If they redirect you to external sites for payment or request payment in gift cards, consider it a red flag. Some might ship knock-off products, if they send anything at all.
It’s natural to respond to social media prompts, especially when they’re fun or clever. When friends repost innocent quizzes, challenges, or questions, they’re unwittingly helping scammers gather personal information that could be used to guess your passwords. For example, “Who has the best ‘where I met my soulmate’ story?’” or “Combine your best friend’s first name, your pet’s name, and the street you grew up on to create your Romance Author Name. What’s yours?”
Investment scams are based on fake accounts and building trust. The scammer casts a wide net to lure as many investors as possible and uses fake data about guaranteed returns to seem legitimate. Bit by bit, they take money from their targets, then disappear altogether.
An impersonation scam creates a fake account to deceive followers and scam them out of money or personal information. For example, a scammer pretending to be a celebrity might ask for money on Venmo by claiming their tour bus was broken into and their account was hacked.
In this scam, you’re overpaid via Venmo, Cash App, Zelle, etc., for a good or service you provided and are asked to reimburse the overage to a third party. What you don’t know is that the purchaser sourced your payment from a stolen credit card. When the credit card owner reports unauthorized activity, the payment will be withdrawn from your account; the purchaser keeps the difference.
In this scam, you open an account, let someone deposit money using your debit card, report the card stolen after they use it, and then withdraw some money while they take the rest. However, you are held responsible for the negative balance.
Spotting red flags in social media scams
You’re bound to run into a social media scam eventually. Keep your eyes out for the hallmarks of dishonest activity and you’ll come out on top.
Prices that seem too good to be true usually are. Even if you are tempted to purchase a product you need or a hard-to-find item at a steep discount, let reason be your guide. It’s a scam.
Be wary of incomplete business profiles. Online vendors should provide basic information like shipping times and costs, their addresses, and a return policy. Check them with BBB. Also, watch out for profiles of supposed friends with missing connections.
Offers or messages that contain spelling errors, formatting errors, or seem to be written with unnatural language patterns are likely from illegitimate sources.
Unsolicited direct messages with links in them are almost always scams. Never click on them or go to the fake website the link will send you to. Doing so will likely download malware to your device.
Usually, online transactions require payment using credit cards, PayPal, or Apple Pay. If you’re prompted to pay using gift cards, cryptocurrency, wire transfers, or payment apps, think twice about moving forward with that vendor. If you’ve been asked to refund an overage, cancel the transaction.
How to stay safe and avoid social media scams
Whenever you’re using social media, make sure to follow these best practices:
- Never click on pop-up messages or links from unsolicited, private messages
- Verify website security—Look for the lock icon near your browser’s location field . A secure URL should begin with “https” instead of “http.” Never give out personal information unless you know the website you’re on is legitimate and secure
- Adjust your social media privacy settings. Make sure your posts are not visible to strangers
- Never respond to strangers messaging you on social media; just delete or block them
- Create strong, unique passwords for each social media account; never re-use passwords
- Use a password manager to securely store your passwords and warn you if your account has been compromised
- Activate two-factor authentication (2FA) for your accounts when possible
- If you suspect a friend or company has been hacked, contact them directly through trusted channels (such as their phone number)
- Never send money to someone you’ve only met on social media
What to do if you’ve been scammed
Your social media accounts are part of your identity. If they’ve been compromised, recovering them will take effort. Don’t panic; just follow these steps.
If scammers took over your social media account:
1) First, request a password reset email from each social media service impacted.
- Each site and app has a different process for recovering a hacked account.
2) Next, regain access.
3) Check your “login activity” and look for devices or locations that you don’t recognize. Force any unfamiliar sessions to log out.
-
- Update the email and phone number associated with your account, then change your passwords.
- Enable 2FA on your account and use an authenticator app such as Authy (instead of text or SMS).
If you sent a social media scammer money or crypto:
- Contact the financial institution or crypto exchange that you used and try to cancel the transaction.
- Prevent scammers from using your financial information to open new accounts or take loans out in your name by contacting each of the three credit bureaus and freezing your credit: Equifax, Experian, and TransUnion.
- Report the fraud to each social media platform as well as to the FTC at ReportFraud.ftc.gov.
- File a police report with your local law enforcement, if you have any information that could lead to the arrest of the scammer.
If you have questions about fraud or SCU’s fraud monitoring service, call us toll-free at 888-599-2265.