Social Media: Five Scams that Work
As a follow up to last month's edition of nxg|NOW focused on scams that target the elderly, this month we explore scams that target users on social media platforms. First, we take a look at five social media scams that work and why, followed by tips to help your account holders stay safe while they are online.
Remember, even if your account holders suspect they may have fallen victim to one of these scams or believe their personal information may have been compromised, you can help. Our professional Identity Theft Recovery Advocates are here, standing ready to help your account holders resolve identity fraud.
Social Media: Five Scams that Work
Platforms like Facebook, Twitter, Instagram, and LinkedIn and many others can help us connect on a personal and professional level with friends, family, business associates, and causes that allow us to make new connections with others with shared interests. And participation is free to everyone, which has led to an unprecedented use of social media. As of April 2021, 3.96 billion people identified as users of social media, representing half of the 7.7 billion of the world's population, including more than 70% of the population of the United States. Globally, the average person spends more than 2 hours per day on social media. It is not surprising that criminals have focused their attention on these internet platforms as a way to gather personal information, gain trust, and socially engineer their way to fraud that results in billions of dollars of losses annually.
At the conclusion of this article we will focus on tips to stay safe while using social media. But first, we want to alert you to social media scams that you may not be thinking about. Being alert to potential scams is the best way to protect yourself against fraud and identity theft.
1. CONGRATULATIONS, YOU WON!
Lotteries, gift cards, and other prize scams can make you believe that just by using social media you have somehow qualified for a prize of cash, gifts or discounts. These scams are designed to lure you to click on a link, which can go on to request personal information in order to "verify your eligibility". And by clicking on links to view or redeem your prize you may also be unwittingly downloading malware that can continue to collect more personal information and track your logins and other internet activity.
Why this scam works: Everyone loves a discount, and the attraction of winning a prize is strong.
Remember: You can't win a lottery that you never entered; however, a scammer can throw up advertising to everyone that appears that it is a personal approach just to you. Be wary of anyone that you don't know asking for your personal information, especially your banking details.
2. PLAY THIS GAME!
We have all seen friends on social media participate in fun and interesting games such as "Are you color-blind?", "Check your IQ", and "What is your Pirate Name?". These games may ask for your age, your date of birth, marital status, zip code and other personal information such as your name of the street that you grew up on, your favorite pet's name, etc. which could be useful for a criminal to create a profile on you to commit identity theft. These scams can ask for your phone number to move further and receive results, which can quietly enroll you in services that obligate you to monthly charges.
Why this Scam Works: Most of us look for ways to interact with others and receive personalized feedback. Once a friend participates in this activity there is peer pressure for other friends to play along.
Remember: Never enter any personal information on social media, even your phone number. While many games may be harmless there are many others that are looking for ways to gather information for nefarious purposes.
3. IS THIS REALLY YOU IN THIS PICTURE?!
This is a variation of a phishing scam that you may receive as a message in your social media app, or it may appear in your feed as an advertisement that looks like a message directed just to you. Variations of this message might be "I can't believe what he said about you!!!" or "Did you really mean to say this out loud?" Our protection instinct kicks in and you click on a link which downloads malware, and/or presents a login page that looks just like the social media site. Thinking it is legitimate you enter your user name and password. Now the criminals have your social media login which provides access to your profile and everything you have posted on the site.
Why this Scam Works: Anyone who has interacted on social media has a fear that they, or someone they know, will accidentally post something unintended. Even more compelling is the thought that someone who may want to do harm will post something embarrassing or confidential.
Remember: Don't click on links in social media. If you receive a message and you can't verify the source, don't click. If it looks like the message is from someone you know, contact that person to verify its not a scam before clicking the link. And make sure you have your social media profile settings set correctly so only your connections can message you.
4. SEE WHO IS LOOKING AT YOUR PROFILE!
In this scam, an offer may be presented to download an "Add-On" that will allow you to see who is searching for, and viewing your social media profile. The scam may redirect you to a survey or an online registration for a purchase, which allows the criminal to gain access to your personal enrollment information and your credit card data.
Why this Scam Works: We all have curiosity and a desire to be liked.
Remember: If you are redirected to a page, make sure that the URL is legitimate. Check out the product offer outside of your social media session to see if it is legitimate and their and no scam complaints.
5. YOUR ACCOUNT IS BEING CANCELLED!
Tell an avid social media user that a request to cancel their account has been received, or that their account is being frozen or removed, and watch the panic set in. Criminals count on this reaction. A normally careful person forgets all of the lessons of internet safety in their haste to prove that this action is NOT warranted. If this happens, it may result in you unwittingly providing information to criminals posing as social media administrators. In reality you may be giving up all types of personal information, which may include your name, address, SSN, credit card information, login information and more.
Why this Scam Works: Social media platforms are an important link to our family, friends and business associates. The thought of losing data and control of this lifeline is scary to many.
Remember: Don't trust any message that claims to be from the social media administrator. Contact the administrator outside of the social media session to make sure that the message is legitimate. And be very wary of any message on any platform that seems to rush you to action. In your haste you may make what appears to be a bad situation and even worse situation.
While it is easy to set up a social media account profile and it’s fun to connect with others, it’s important to maintain awareness. According to a report by the FTC, in 2019, total reported losses to social media frauds reached $134 million. But reported losses reached record highs, climbing to nearly $117 million in just the first six months of 2020, with no end in sight. Use this checklist to make sure that you are protecting yourself and your family on social media, on the internet, and in person.
Check your profile settings. Consider limiting the information that you share with the world. Some of your social media profile information might already be publicly available, but there are other details that a criminal could glean for your profile to help them patch together a clearer picture of your identity.
Be thoughtful about sharing personal details online. For safety’s sake, wait a few hours or even a few days before sharing content that reveals your location. A few vacation photos could be just the invitation a criminal needs to enter your home while you aren’t around. On social media, accept contact or friend requests with care. Decline friend requests from people you don’t know in real life; you never know who might actually be on the other side of your internet connection.
Think before you click. Hover over the hyperlink to confirm its real destination before you click on a URL. We recommend that you visit only secure websites, beginning with “https” instead of “http”.
Avoid phishing scams. Exercise caution when you receive a message in social media (or text, email, postal mail or by telephone) from someone you don’t know. Many criminals imitate celebrities, major corporations, financial institutions, or government agencies in an attempt to lure you into providing confidential or payment information.
Use public WiFi with caution. When you’re using a shared wireless network, other people on the same network may be able to see your internet traffic, which could open up your account information to unsavory characters. Avoid logging into confidential financial accounts and social media when you’re on shared WiFi. Even if you’re using your own device, try to remember to log out when you’re done.
[Clients with nxg|PROTECT Essential, Credit, or Preferred can add this paragraph]
Remember, you’re not in this alone. Your <EMBEDDED ACCOUNT> includes an entitlement to dark web monitoring, which can alert you if your personal information or registered credentials have been compromised.
[Clients with nxg|PROTECT Elite or Premium can add this paragraph]
Remember, you’re not in this alone. Your <EMBEDDED ACCOUNT> includes an entitlement to dark web monitoring, which can alert you if your personal information or registered credentials have been compromised. You also have access to social media monitoring to keep tabs on your Facebook, Instagram, LinkedIn, and Twitter accounts, watching for vulgarity, threats, explicit content, and violence. Alerts are sent if it looks like someone has taken over the account and is posting unsavory material.
[All Clients add this paragraph]
Even when you take all the right precautions, bad things can still happen. If you or a family member suspects that your identity has been compromised, help is only a phone call away. With <FINANCIAL_INSTITUTION> <EMBEDDED_ACCOUNT> you and up to three generations of your family have access to Fully Managed Identity Theft Recovery. We have professional Identity Theft Recovery Advocates standing by, ready to work on your behalf to help recover your identity and reverse any damage caused by identity theft. Contact us or find out more about this and other benefits of <EMBEDDED_ACCOUNT> by visiting our website.
Social Media Statistics Source: backlinko.com/social-media-users#social-media-usage-stats
Social Media Content
Post #1 - Winner winner, chicken dinner! Wondering how you won a contest you never entered? Probably a social media scam. Never give up your personal information online, even if they promise discounts and prizes! #YourProtectionPartner
Post #2 - All your friends are doing it! Stay away from online games and quizzes that might be collecting your personal information. Never give up your personal information online, even if they promise to tell you what your Pirate Name is! #YourProtectionPartner
Post #3 - “I can’t believe this is you!” Resist the urge to click on links that try to bait you with messages that look personal, but are really out to get you. Never click on a link without verifying the source. #YourProtectionPartner
Post #4 - Want to see who viewed your profile? Don’t fall for it without doing some research. Make sure the URL is reputable before you install anything on your device. #YourProtectionPartner
Post #5 - “Your account has been cancelled.” Don’t believe the hype. “Cancel” messages are a great way for scammers to get you to click on a link. Always log in to your social media accounts directly to check your status, and do NOT click on links sent to you from suspicious sources. #YourProtectionPartner