Cybercriminals are always coming up with new ways to steal from unsuspecting social media users, often trying to obtain account login credentials, personal information, or bank and credit card information.
Cybersecurity expert Liz Wegerer from VPNOverview reveals the most common Facebook and Instagram scams of 2023 and how to avoid them.
Facebook is the most popular social media app worldwide, and scammers flock to it to fleece unsuspecting users. With so many active users, fraudsters have a vast pool of potential victims to target. Here are some of the most common ways they try:
- Phishing scams: Emails or direct messages with sketchy links that download malware or capture login credentials on spoofed websites.
- Romance: Friend requests and direct messages that attempt to create a romantic interest with the goal to steal money from the victim.
- Prizes or job offers: Claims designed to obtain personal information or money from the victim, including “You’ve won!” scams.
- Quizzes and games: Designed to elicit personal information in the answers through the kind of information people may use to create passwords or answer security questions for their online accounts.
- Charity pleas: Creating fake charities to get donations during times of disaster, using sites like GoFundMe.
More than one billion people use Instagram each month, making it the world’s fourth most popular social media platform. Cybercriminals know this and have several tricks to infiltrate your account and steal your personal information. These include:
- Fake investment offers: Scammers promise you a great return for just a small investment.
- Bogus brand collaboration requests: Fraudsters offer to pay you for promoting their products and then steal your financial data when you provide them.
- Selling followers and likes: Ask you to pay a nominal fee in exchange for like or follow packages, but your financial data gets stolen when you send financial details.
- Giveaways: Entice you to try and win a prize, but then you will be asked to provide personal information or payment to claim your winnings.
- Imposter brand accounts: Sell counterfeit goods (or never deliver the promised goods at all) under the guise of a popular brand to drain your bank account.
Here is how you can avoid such scams on Instagram and Facebook as well as other social media platforms.
Lockdown Your Privacy Settings
Your Instagram is set to “public” by default, allowing anyone to see your posts. To protect your privacy, set your account to “private” so only followers you approve can see your posts, make comments, and send you direct messages. On Facebook, while you can never hide your profile pictures or cover photos, you can hide almost everything else from those outside your friends list through your settings.
Strong Passwords and 2FA
One of the easiest ways to prevent unwanted logins on your accounts is to use strong passwords and enable two-factor authentication (2FA). With this in place, anytime someone tries logging in from an unrecognized location or device, they will also have to enter a one-time code in addition to your username and password sent to your phone.
Keep Track of Third-Party Apps
Over time, you have likely connected several third-party applications to your Instagram account. You should regularly review these applications to ensure no suspicious connections have been made and delete any you do not recognize or no longer use.
Only Buy from Verified Profiles
Before you buy anything on social media, check to make sure the account you are dealing with is verified. All legitimate brands on Instagram and Facebook are typically verified with a blue circle checkmark next to their name.
Regularly Search for Accounts in Your Name
To avoid the damage of someone cloning your accounts and using these fake accounts maliciously, get into the habit of regularly searching Facebook and Instagram for your name. This only takes a minute and is an easy way to identify and report impostor accounts.
Decline Friend Requests Users You Don’t Know
Get in the habit of declining friend requests from anyone you are not familiar with. The more friends you have that you do not know, the higher the risk you will be approached with a scam.
Don’t Click on Suspicious Links or Unsolicited Messages
Whether it is a phishing email or a private message from a friend, avoid clicking on unsolicited videos or links. If you think a friend sent you something, double-check with them before clicking. Especially when what they sent you involves compromising information about you or says something like, “OMG! Is this you?” or “Have you seen this yet?!”.
GIPHY App Key not set. Please check settings