In this article:
Identity theft and fraud protection for your finances, personal info, and devices.
How Can You Protect Yourself on Social Media?
For thousands of Americans, work-from-home jobs offering great pay and solid benefits sounded like a dream. But for those who responded to messages on LinkedIn (and other social media networks) claiming to be from “ESET,” that dream quickly became a nightmare.
After downloading and filling out PDF job application forms, victims’ devices were infected with malware, and scammers walked away with their sensitive personal information [*].
Cybercriminals use social media ploys like this to trick unsuspecting targets into downloading malware, sending money, or giving up personal information. According to the Federal Trade Commission (FTC) [*]:
There were over 83,000 reports of social media scams in the first half of 2023 alone — with victims losing more than $650 million.
The more information that you share on social media, the more you open yourself up to social media fraud and scams. In this guide, we’ll cover the most common social media scams to watch out for, how to protect yourself on social networking sites, and what to do if you’re a victim.
🔎 Get alerted fast if your social accounts are hacked. Identity Guard monitors your social media accounts (and other sensitive information) for signs of fraud, malicious links, and hacking. Save up to 33% when you become an Identity Guard member today.
7 Social Media Scams and Dangers To Avoid
Social media gives fraudsters easy access to millions of potential victims, and the playbook of scams is only getting longer.
Fraudsters pose as friends, recognizable companies and organizations, or sellers on marketplaces — and use social engineering tactics to trick you into sending them money or providing private information, credit card details, and passwords.
Here are some of the most dangerous threats on social networking sites:
- Fake marketplace listings and other online shopping scams. 82% of shoppers use social media to make purchases. Scammers target them with ads to fake stores, fraudulent marketplace listings, and other shopping scams [*]. If you provide payment details or send money to these social media shopping scammers, you’re opening yourself up to fraud.
- Investment scams (especially cryptocurrencies). Fraudsters promote fake “investment opportunities” in social media groups or via direct messages. But any money you “invest” goes straight to the scammers.
- Hackers impersonating your friends and contacts. Hackers create imposter social media accounts and pose as your contacts. They then ask you to send them money or click on phishing links.
- “Chatbots” that hack your account. You may receive fraudulent notifications that appear to be from a chatbot stating that your password needs to be reset or you’ve violated community standards and need to provide your login credentials. But entering this data will give scammers direct access to your accounts.
- Fake social media surveys. Beware of online surveys on social media that offer sweepstakes entries or high-ticket items like electronics. These are designed to collect your personal information, which can then be sold on the Dark Web. In addition, some scammers create fake personality quizzes that are designed to collect the answers to common security questions.
- “Is this you in this photo/video?” scam. If you receive an unexpected message about a photo or video from someone on your friends list, resist the temptation to click on the link alongside the message. This is a common Facebook messenger scam (which can also be conducted via email) designed to play on your curiosity. Once you click, you’re usually taken to a fake website and asked to input your login details.
- Fake remote job opportunities. With over half of the U.S. workforce wanting to work remotely [*], scammers have gotten creative with fake work-from-home schemes. Even a seemingly innocent request — like being asked to fill out a job application over social media — could potentially be the start of a scam.
The bottom line: Using social media is one of the easiest ways for scammers to target victims. Any strange interaction or too-good-to-be-true deal should be handled with suspicion.
How To Protect Yourself on Social Networking Sites
- Keep your accounts private
- Share as few personal details as possible
- Use strong and unique passwords for each account
- Enable 2FA whenever possible
- Disable location services
- Delete unused social media accounts
- Don’t accept friend requests from strangers
- Check before clicking on links or downloading files
- Learn the warning signs of an online scammer
- Secure your devices with Safe Browsing
The best way to stay safe on social networking sites is to secure your accounts, control who can contact you, and minimize what personal data people can see about you. Here are 10 steps you can take right now to boost your safety on social media:
1. Keep your accounts private
Even seemingly harmless information on public social media profiles can give scammers a leg up when targeting you with phishing attacks. For example, they might use information such as your name and location to uncover your home address or phone number.
By updating the security settings across your social media accounts, you can control who can find you and what information strangers and scammers can easily learn about you.
How to update your social media security settings:
Each social networking site has a different set of privacy options – but in general, you’ll want to limit who can see your personal information and contact you. Here’s how to update your account privacy settings on some of the most popular social networking sites:
💡 Related: How To Avoid Social Media Identity Theft →
2. Share as few personal details as possible
Even if your accounts are private, there’s still always a chance that your personal information could slip through the cracks. For example, if one of your friends has their Facebook account hacked, cybercriminals will be able to see your profile, posts, and personal information.
Best practices for limiting what you share on social media:
- Keep your profile purposefully slim. Limit what you include on your social media profiles to prevent scammers from getting their hands on any information you don’t want them to have, like your exact location and phone number.
- Always ask, “Should I post this?” Before making posts or sharing information, take a moment to consider whether it’s possible to remove certain details that might be best kept private.
3. Use strong and unique passwords for each account
Once scammers gain access to one of your social media accounts, they often try to use your credentials to access other accounts — including your online bank account or email. If you reuse the same or similar passwords for multiple accounts, you’re giving cybercriminals easy access to all of your accounts.
Best practices for creating unique and strong passwords:
- Use longer passwords. In general, the longer a password is, the better. Using 10 characters is a good minimum for each of your different passwords.
- Opt for passphrases that are hard to guess but easy to remember. Instead of long randomized strings of letters and numbers, use sentences or phrases that would make sense only to you. For example, “L0rDoFth3R1ng$.”
- Don’t include personal information. Avoid creating passwords based on personal information that’s easy to find — such as your name, birthday, or hometown.
💡 Related: Do I Need Identity Theft Protection? (What You Need To Know) →
4. Enable two-factor authentication (2FA) whenever possible
Two-factor authentication is a security measure that requires a secondary credential before you can log in to your online accounts. For example, a one-time-use code is sent to your phone or through an authenticator app.
2FA makes your social media accounts much more secure. If you haven’t enabled this function yet, do so now in each of your accounts’ security settings.
Zoom out: Never give out 2FA codes. If anyone asks for your authentication codes — even someone claiming to be from a company’s tech support team — they’re trying to scam you.
5. Disable location services, and don’t share live locations
Most social networking sites allow you to share your location whenever you post or share photos and videos. But sharing your live location makes you vulnerable to scammers as well as more dangerous criminals, such as stalkers and thieves.
While you can turn off location sharing in your social media accounts, it’s easier to simply disable location services on your device. This can prevent your location from being automatically tagged when you make new posts on social media.
How to turn off location services on:
💡 Related: What Are Tech Support Scams? (How To Spot and Avoid Them) →
6. Delete expired or unused social media accounts
Unused or old social media accounts may not seem like a big deal; but hackers target these because they know you’re less likely to notice if outdated accounts have been compromised.
Whenever you open a new account (or every six months), take inventory of your social networking accounts and delete any that you aren’t using.
🏆 Choose award-winning identity theft and fraud protection. Identity Guard monitors and alerts you if scammers are using your personal information, passwords, and financial accounts. Save up to 33% when you become an Identity Guard member today.
7. Don’t accept friend requests from strangers
Even if a friend request seems legitimate and the profile appears normal at first glance, you don’t truly know who’s behind the account or what their intentions are. If you wrongfully accept a scammer’s friend request, they’ll have access to your entire profile and friends list.
💡 Related: How To Opt Out of Data Broker Sites →
8. Check in with contacts before clicking on links or downloading files
If you receive an unexpected direct message (DM) from someone you know, and the content or writing style seems out of character, avoid interacting until you can verify the sender’s legitimacy.
Don’t respond and definitely don’t click on any links or attachments included in the message. If in doubt, reach out to the person directly, and confirm by using an alternative contact method.
💡 Related: 15 Facebook Scams You Didn't Know About (Until Now) →
9. Learn the warning signs of an online scammer
Online scammers are constantly adapting their methods to evade suspicion. However, there are specific traits and phrases that always give them away.
How to know if you’re dealing with a social media scammer:
- The messages contain poor grammar or spelling errors. Many scammers use awkward phrasing, strange formatting, or poor spelling and grammar in their messages. Be cautious if you receive a message that reads unnaturally.
- The profile belongs to someone you’re already friends with. Scammers sometimes impersonate your friends or acquaintances by creating fake clones of their profiles. If you receive a request from someone you’re already friends with, it’s probably a scammer.
- The profile is empty or appears to be new. No posts, an empty profile picture, and only a handful of followers are all signs that you might be dealing with a fake account.
- You’re asked to move the conversation to text messaging. Social media sites often have security measures in place to prevent scams. Be cautious if a stranger tries to get you to move off the platform.
💡 Related: How To Spot a Fake Airline Website (and Airline Ticket Scams) →
10. Secure your devices with Safe Browsing and digital security tools
While you can do everything in your power to secure your social media accounts and avoid scams, it’s almost impossible to stay completely safe. Digital security tools can be an added layer of protection — especially against hackers and scammers who prey on device and platform vulnerabilities.
Tools that can help protect you and your family against social media scams:
- Antivirus software. Social media scams often include links or attachments that install malware on your device when clicked. Antivirus software protects your device from becoming infected if you accidentally click on a suspicious link.
- Auto-updates. Viruses and hackers often take advantage of security vulnerabilities in outdated software or device operating systems. Turn on automatic updates to ensure that you’re always up to date with known security issues.
- Virtual private networks (VPN) and website blockers. A VPN masks your IP address, so you can safely browse social media — even when you’re using public Wi-Fi networks. Website blockers can also prevent you from unknowingly entering spam sites or falling for phishing scams if you click on malicious links in social media messages.
- Password manager. A password manager creates and stores all of your login credentials in a secure place so that you can easily access them when you need them (using a master password). The password manager included with every Identity Guard membership can also warn you if your passwords are too weak or have been leaked in a data breach.
💡 Related: How To Check If Someone Is Using Your Identity in 2023 →
Did You Get Scammed on Social Media? Do This!
- Update your password, backup email and phone number, and security questions. If you’ve been scammed but still have access to your accounts, quickly update your credentials to prevent scammers from taking over your accounts.
- Regain control of hacked accounts. If hackers locked you out, you’ll need to go through the social media platform’s process for regaining access. This usually starts with requesting a “password reset” from the login page. However, if scammers have changed your backup email account or phone number, this process could be more complicated.
- Make sure you’ve enabled 2FA via an authenticator app. Enabling two-factor authentication may or may not stop scammers who’ve already gained access to your account, but it can prevent them from getting into your other social media accounts.
- Gather evidence of the scam before you block and report the account. You’ll want to block and report the scammer in order to mitigate further damage. But be sure you’ve taken screenshots of their profile and any communications before doing so, as you may not be able to access this evidence again once the scammer’s been blocked.
- Try to cancel any pending payments or transfers. If you sent scammers money, contact the financial institution or crypto exchange that you used, explain that you’ve been the victim of a scam, and see if you can cancel any fraudulent transfers.
- Do a full antivirus scan of your device. If you were tricked into clicking on a link, it’s possible that your device was infected with malware. You’ll need to run an antivirus scan to check for malicious software.
- Freeze your credit with all three bureaus. In the event that your identity is stolen by a social media scammer, a credit freeze will prevent anyone from taking out new loans in your name. You’ll need to contact each bureau individually – Experian, Equifax, and TransUnion – to request a freeze.
- Report the scam. Report the scam to both the social media platform and the FTC by visiting ReportFraud.ftc.gov.
Zoom out: Don’t get stuck dealing with identity theft on your own. With Identity Guard, you get access to U.S.-based access to White Glove Fraud Resolution Specialists who can walk you through the steps you’ll need to take if scammers use your Social Security number (SSN) and other sensitive data. Save 33% when you sign up for Identity Guard today.
The Bottom Line: Don’t Let Scammers Target You On Social Media
Social networking sites offer easy ways for scammers to target victims. Cybercriminals scour the web for any personal information they can use to prey on you – unless you know how to keep yourself safe.
With help from an identity protection provider like Identity Guard, you can prevent social media hackers from targeting you.