How to Avoid Scams on Social Media

Social media can be an incredible tool to chat with friends or keep up with the latest news and gossip. Unfortunately, it’s also rife with scammers, hackers, and other digital crooks looking to make a quick buck at your expense or scoop up your precious personal data. Although phone and email scams are still around, many contemporary digital swindlers have shifted their focus to user-heavy social media platforms like Facebook and Instagram to ply their devious trade.

Today, enjoying social media safely means knowing how to spot and avoid these snake oil salesmen – and we’re here to help you do just that! We’ve rounded up some of the most common scams we’ve come across after many years of social media marketing, so you can stay informed on the latest tricks and avoid having your accounts compromised or your precious information stolen. Let’s dive right in!

Perhaps the most common scam we see in our line of work is the fake Meta Support message. For this trick, scammers will attempt to impersonate a member of Meta’s Support Team and send a warning message through Facebook Messenger, typically claiming a page has broken the platform’s Terms of Service (ToS) by violating a rule around privacy or copyright.

These scammers put in a lot of effort to dress up their messages as official communications from Meta, often including photos and language that appears professional on the surface. Their favourite strategy is to create a false sense of urgency by threatening to permanently delete a page if no action is taken within a set time limit. Ultimatums like this are intended to spur panic in the user and encourage them to act before fully understanding the situation at hand. It’s a common scam tactic, and one that’s sadly effective.

The first major red flag with these scams is the message itself – and more specifically, how the message is delivered. According to Meta’s own policies, important information related to your account will always be communicated through an official Meta email, and never through Messenger alone. Upon closer inspection, you’ll also likely notice grammar and formatting mistakes that should immediately raise suspicion.

If you ever receive a message like this, be sure to report it as spam and avoid clicking any attachments, no matter how official they might appear. If you’re still worried about your account, you can always reach out to Meta directly to confirm your account isn’t at risk.

While monitoring social media accounts, we occasionally come across what’s generally referred to as the “Romance Scam.” This scam involves using a fake Facebook persona to comment on someone’s post and initiate a friendship with them. These comments usually come off as overtly friendly and use exaggerated compliments and emojis to woo the victim into a false sense of safety.

What makes this scam especially nasty is the sheer level of dedication involved. These scammers will sometimes spend months forming a relationship with their victim, with some going so far as to initiate a full-blown romance with them. Once trust is earned, they’ll begin asking the victim for money, usually by claiming they’ve fallen on hard times and have no one else to support them – essentially guilt-tripping their victim into sending them potentially thousands of dollars in “financial assistance.”

To spot the warning signs and avoid falling victim to this scam, always remain vigilant while using social media; don’t let your guard down simply because someone wrote you a few kind words out of nowhere. Since these scammers like targeting older demographics who aren’t as familiar with these kinds of scams, it’s important to check in with parents and grandparents occasionally to make sure they aren’t falling victim to this scheme.

Social media is a great place to host contests and giveaways, but that also makes it a hotbed for those looking to take advantage of your emotions. Fake giveaways are exactly what they sound like: scammers phishing personal details from unsuspecting users with the promise of free goodies. Unlike many other scams, all this one takes is a simple “You win!” message, and the seed is planted.

Thankfully, phony contests and giveaways are also fairly easy to spot. Before entering any giveaway online, always make sure to research the person or business behind it; is their page legit and verified, or was the account created yesterday? Is the giveaway for something extravagant, like a huge sum of money or the newest iPhone – in other words, is it too good to be true? If yes, you may very well be dealing with a fake giveaway.

If you’re ever asked to share personal information online beyond a name, phone number or email, you should always stop and double-check who you’re dealing with. No legitimate contest should need more than the basics from you, and anyone asking for more is likely not doing so in good faith. Stay alert and keep your personal data close!

Have you ever gotten a message from one of your Facebook friends telling you to click on some odd looking link, only to find out later their account was “hacked”? This is what happens when scammers successfully breach an account, either by brute forcing the password or by conducting a successful phishing scam.

Once they gain access to an account, these “hackers” will start sending out phishing links to that person’s friends, much like a virus trying to spread itself around. The idea is to get as many clicks as possible by casting a wide net, and by clicking the link, you risk downloading a virus or being prompted to give up valuable information, like your passwords or banking details.

Best practices to avoid this scam are simple: if a friend sends you a vague or out-of-character message – especially if it includes some sort of link – it’s always a good idea to remain skeptical and ask for more context before even thinking about clicking anything. If possible, reach out to that friend through other means to let them know their account may have been broken into. A quick password reset and setting up two-factor authentication (more on that later) should be enough for them to regain access to their account.

Another thing to keep in mind on social media is phony job offers from fake companies. Whether it’s through a private message, a public post, or even an Indeed listing, these scams lure people in by promising cushy jobs with great benefits and salaries that seem too good to be true – and that’s because they probably are.

As usual, a bit of research can go a long way in this case. Before applying for the dream job that happened to pop up on your feed or responding to that cold recruitment email, always dig around for more details about the company behind it. If you’re struggling to find any solid information about the company, the salary, or the specifics of the job – or if the application asks for sensitive information for no apparent reason – there’s a good chance that job doesn’t exist.

It’s always better to be safe than sorry, so while that fancy title and bloated salary might be tempting, you should avoid giving your information out to any dubious job offers and instead report the listing, along with the person or company promoting it.

When it comes to protecting yourself from online scams and hackers, two-factor authentication (or 2FA) is likely your best bet. While it might seem like an annoying inconvenience, it’s a small price to pay for securing your accounts, and you’ll be glad to have it set up when you need it.

If you aren’t aware, 2FA simply provides an extra layer of security for your accounts by adding a secondary email that’s used to confirm any new login to your account. This way, even if your main account gets compromised, the intruder won’t be able to access your account without also gaining access to your 2FA email. It’s the same as adding a second padlock to your door that uses a totally separate key, and it’s been proven to stop pesky scammers and account thieves in their tracks.

For a full rundown on 2FA and how to activate it for your Meta accounts, you can check out these helpful tips on Meta’s website.

No matter how careful you are online, using social media will always carry some risks. At the end of the day, the best way to protect yourself is to understand the platforms you’re using and keep your eyes peeled for anything that seems “phishy” or otherwise suspicious. Trust your instincts, limit what you share with others, and stay informed about the types of scams that exist out there in the wild.

For full protection against phishing scams, you might also consider hiring an agency like us to manage your social media – we’re always here to help!