
How to Avoid Being Scammed on Social Media

Fred Isaac
Jul 1, 2016

Scammers and con artists are increasingly targeting social media sites like Facebook and Twitter.

And it’s not hard to see why; with billions of users who are more than happy to share anything from bank cards to family pictures, social networks are a candy land for fraudsters.

Here are some of the tricks scammers are trying and some tips on how to avoid them.

 

Pharming

Phishing – sending emails purporting to be from a legitimate company – is one of the oldest tricks in the scammer’s bible.

Pharming is the social media version.

Scammers pretending to be a legitimate business will show you a link to a familiar website - a page you've visited or liked before, for example. 

It will have an eye-catching headline that is designed to tempt you to click through, but the landing page you arrive at is actually just a convincing fake of the real version.

To view the content, you will be asked to enter your social media login details. The moment you do so, the hacker takes your details and has free rein over your account.

They will also test these details against your bank account and other personal profiles you have online.

Transferring money on social media is becoming easier and easier - Snapchat has launched Snapcash, Gmail allows you to send money directly and Facebook Messenger has a little dollar sign allowing you to send small sums.

 

An advert for Snapcash - transferring money on social media will attract more scams

 

Scammers are looking to capitalize on this development and use pharming to try and get you to part with your cash.

They may even pose as disaster relief funds or charities, with fake pages containing a form asking users to donate. 

 

How to avoid pharming scams:

Control your finger and avoid clicking on anything that looks dodgy.

Invest in some anti-phishing software and never browse without anti-malware running.

Also, try typing the name of the site you’ve been prompted to visit into Google’s search bar – this will help you determine whether it’s genuine.

 

Dodgy apps and how to spot them

Scammers are exploiting apps to cast their nets wider and encourage a con to go viral.

Harmless looking apps can be the most dangerous.

A great example is the Facebook ‘Dislike Button’ app, which pretended to be from Facebook but was in fact a sophisticated scam.

Users were asked to download an app that would give them a dislike button.

But downloading it actually allowed scammers to access a user’s account, using it to post spam messages and advertise an online survey for which they get paid.

Here’s the clever bit: the app is then promoted on the hacked profile to that user’s friends.

Because if it looks like your friend has endorsed it, you’re more likely to download the app yourself, right? Definitely. 

Other apps give users malware through a Microsoft patch or bogus versions of Flash. These can also give criminals access to personal details and financial data.

 

How to protect yourself against dodgy apps:

This one is all about judgement.

Social media sites will take down fraudulent activity quickly, but because of the sheer mass of material some will always slip through the net.

Use common sense and avoid clicking on unfamiliar sites or links. 

 

Fake accounts

Facebook inboxes and Twitter feeds will be full of messages from scammers asking users to contact them via email, provide bank details or even transfer money.

Some malicious messages are quite difficult to spot.

You might, for example, get one pretending to be from a friend asking for money.

Be warned: they may have been hacked and it might not be your friend at all. Malware may have taken over their account and sent that message to every single one of their friends.

In some dodgy messages, the user will offer to show you pictures of themselves if you send them an email.

Others claim you have come into some money and ask you to transfer them some cash so they can unlock the funds.

In both instances, avoid ANY contact. Sending them an email may be all the scammer needs.

 

How to spot fake accounts and fake requests?

Again, it comes down to common sense. If you don’t know the person – ignore them.

If the message comes from a friend, exercise caution and contact them on the phone before doing anything else.

On Facebook, limit your number of friends. However popular you are, it’s unlikely you really have 2,498 pals (sorry).

 

When sharing is not always caring

People are far too open on social media networks.

Getting on top of your privacy settings will help you avoid being the victim of a scam.

And whether it’s Instagram, Facebook, Twitter or another platform, it’s very important to be careful what you share and who you share it with.

NEVER post any bank details or pictures of bank cards. You might think this doesn't even need saying but a shocking number of people do it.

Even posting pictures of a gig ticket is a bad idea: scammers can take the bar code and make a duplicate.

Watch out for automatic geo-tagging when you upload pictures or post a status.

As well as your text or images, your upload will also show where you are on a map. Disable this feature to avoid scammers using the GPS to track down your home address.

 

Quizzes and Surveys

Dodgy quizzes and surveys are everywhere on social media.

An advert asks you: “Which James Bond character are you?” and you just can’t resist.

When you click through, a pop-up requests that you type in your personal details: email, phone number, occasionally even bank details.

Next thing you know, money has been taken from your account because you've unwittingly signed up to a subscription service.

And the scam has automatically posted itself to your Facebook wall or Twitter feed, claiming your endorsement and encouraging your friends to complete the survey too.

Shortened URLs – particularly prevalent on Twitter – are often used to promote surveys and quizzes because they hide the identity of the site you’re visiting.

 

How to avoid falling for dodgy quizzes and surveys:

If a survey or quiz needs your bank details or phone number to complete – we don’t think it’s worth doing.

Stick to trusted brands like Buzzfeed and be wary of posts from friends.

Even if it comes from a site like Buzzfeed, be cautious because, as we said earlier, scams gain legitimacy by impersonating well-known brands.

 

Clickjacking

Shocking: Hitler alive and living in Nazi base on the moon

You won’t believe what Barack Obama just said about Madonna

These kinds of headlines are what’s known as clickjacking: luring in a user with a nonsense, clickbait title to get them to visit a web page.

The link contains a malicious code that fools Facebook into believing you've “Liked” the story.

So if you click through, Facebook promotes the link to your friends and, if they click, they too automatically share the con artist’s work.

It’s wildfire scammer advertising and, sadly, it works.

It works on Twitter in the same way; when you click through a link in a Tweet, it can retweet it to your followers.  

 

How to beat clickjacking:

Look at the URL structure; if it has a weird suffix you don't recognize (the suffix is the .co.uk bit) then steer well clear.

Also, if a story looks too sensationalist to be true, don’t click on it.
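The link checks recommended in this guide (fake pages imitating a familiar site, shortened URLs that hide the destination, unfamiliar suffixes) can be automated. The sketch below is an added example, not part of the original article; the site, shortener and suffix lists are short constructed samples, and the function name is hypothetical.

```python
from urllib.parse import urlsplit

# Constructed sample lists for illustration only; extend them for real use.
TRUSTED_SITES = ("facebook.com", "twitter.com", "buzzfeed.com")
SHORTENERS = ("bit.ly", "t.co", "goo.gl", "tinyurl.com", "ow.ly")
FAMILIAR_SUFFIXES = ("com", "org", "net", "co.uk")


def check_link(url):
    """Return a list of warnings for a link seen in a post or message."""
    # Accept links pasted without a scheme, e.g. "bit.ly/abc".
    parts = urlsplit(url if "://" in url else "http://" + url)
    host = (parts.hostname or "").lower().rstrip(".")
    if not host:
        return ["no hostname: not a normal web link"]

    # Shortened URLs hide the identity of the site you would visit.
    if host in SHORTENERS:
        return ["shortened URL hides the destination"]

    # The genuine site is the trusted domain itself or a subdomain of it.
    if any(host == s or host.endswith("." + s) for s in TRUSTED_SITES):
        return []

    warnings = []
    # A familiar name inside some other domain is the mark of a fake page:
    # what matters is the END of the hostname, not what it starts with.
    for site in TRUSTED_SITES:
        brand = site.split(".")[0]
        if brand in host:
            warnings.append(f"'{brand}' appears in the host but the site is not {site}")

    # Flag a suffix that is not on the familiar list.
    if not any(host.endswith("." + suf) for suf in FAMILIAR_SUFFIXES):
        warnings.append("unfamiliar suffix: ." + host.rsplit(".", 1)[-1])
    return warnings


if __name__ == "__main__":
    # Constructed sample links.
    for link in ("https://www.facebook.com/login",
                 "http://facebook.com.account-verify.example/login",
                 "https://bit.ly/abc123"):
        print(link, "->", check_link(link) or "no warnings")
```

An empty result only means none of these three checks fired; it does not prove a link is safe.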

 

 

If you think you’ve been the victim of a scam on social media, get in touch with A Spokesman Said - we’ll fight your corner.


