Social Media Scams – The New Era of Phishing

Phishing Scams have been a common scam since the invention of the email, with them getting more and more sophisticated as the years have gone on. The growth of social media marketing has seen a massive growth in the number of small businesses that have social media accounts to run their marketing.

Social media hasn’t been safe from cyber-attacks through the years, criminals looking to exploit user data in exchange for money from businesses is a very common occurrence online. The reliance on social media marketing for smaller businesses makes their accounts a very plausible thing to ransom.

There are many different social media phishing attacks to look out for, on every social media. Here are some common attacks that could be targeted at your business.

Fake Login Pages

Attackers will create counterfeit login pages that closely resemble those of popular social media platforms like Facebook, Twitter, or Instagram.

Victims are then directed to these fake pages through links or email, and when they enter their login credentials, the information is captured by the attackers.

These kind of social media scams are often effective due to familiarity of the design making it easy to see as regular landing page. It is important to always check the link for the page, if you are unsure what the official link is, google the log in page and compare the 2.

Fake Requests from Fake Profiles

In these social media scams, attackers create fake social media profiles using stolen profile pictures and information. They then send friend requests or connection requests to users and often engage in conversation to build trust.

Once trust is established, the attackers may send malicious links or requests for personal information. It is another easy to fall for attack as we are more likely to trust people we know. To avoid this always ask the person through another form of communication. For example, send them a text or call them if you get a Facebook message.

Survey Scams

This one is a very real threat and more common than you think. In this, phishers create enticing surveys or quizzes that users are encouraged to participate in. These surveys often request personal information or require users to click on links to proceed.

The information collected can be used for identity theft, fraud, or further phishing attempts. Helping with social engineering attacks too. To avoid this, make sure that you never give away sensitive information in any surveys and always make sure you’re certain where the survey is coming from.

Impersonation

Arguably the most common of the social media scams: This attack goes hand in hand with a fake friend request attack, however if your friends account is compromised, you could receive a message from their actual account.

Impersonation attacks involve attackers pretending to be someone trustworthy, such as a celebrity, a colleague, or a friend. They may send messages or comments that seem genuine but contain malicious links or requests for sensitive information or money. Impersonation attacks exploit users’ familiarity and trust in the impersonated person or entity.

To avoid these, follow the same steps as the fake friend and contact the person through other means to make sure it is real. Or if it is a celebrity, use some critical thinking, a celebrity will never be asking for money or sensitive information unless in exceptional circumstances.

Fake Giveaways

Attackers impersonate well-known individuals or brands and claim to be running giveaways or promotions. Victims are lured in with promises of prizes or cryptocurrency, but they are usually required to send a small amount of money for “verification” or provide personal details.

These scams exploit users’ desire for quick gains and can result in financial losses. It is a very easy to avoid this kind of scam, if it feels too good to be true: It probably is.

Social Media is a fantastic way to get your brand out there… But is full of risks and potential scams, being vigilant goes a long way in protecting not only your business but also your personal data from social media scams.

To see more ways, you can protect yourself and your business from phishing, check out these other insightful blogs:

How Simulated Phishing Can Protect Your Business From Rising Phishing Attacks

Future of Phishing Scams – Preparing Yourself

AI is Making Phishing Emails Much Harder to Spot

5 of the Worst Phishing Attacks of All Time

Some interesting statistics on social media scams : Social media a gold mine for scammers in 2021 | Federal Trade Commission (ftc.gov)