How Scammers Use Social Media Sites For Phishing

Phishing was originally a type of email scam where crooks would pretend to be reputable companies or known individuals in order to get people to divulge key personal information. Now, the tactic has expanded to several other media types – including social media.

The basic premise is the same as always. On a social media site, a crook may respond to posted complaints about companies while pretending to represent those businesses. Then, they might ask for account logins, usernames, and even credit card numbers and real names under the guise of “looking into your complaint.” Other scams also present themselves.

How Can You Protect Yourself Against Phishing and Other Social Media Cons?

First, start with foundational security measures. Some of the most basic social media cyber security measures are the most effective. For all of your social media accounts, use passwords that are hard to guess. Browser plugins that generate passwords make it easy to come up with gibberish strings that don’t appear in any dictionaries.

Always remember to log out of your accounts and uncheck the “remember me” option if you are using a shared computer, work computer, or any device that could be accessed by someone else. This basic cybercrime prevention tactic stops many crimes of opportunity.

Next, focus on how to protect your identity online. Some social media sites give you the opportunity to display overly-personal information about yourself, like your birth date, age, and biography. Refrain from being too detailed, or identity thieves can use this data to impersonate you.

Be careful about accepting friend requests. Just because a platform uses the term “friend” doesn’t mean that the other person is friendly at all. It could well be a con artist trying to gain your trust.

It is important to remember that criminals won’t obey social media privacy laws. If they cared about obeying laws, they wouldn’t be criminals! Therefore, you must be the one who takes steps to keep your personal information private. The “right to be forgotten” law, in places where it applies, forces companies to take your accounts and posts down if you demand it, but to a prolific social media user, deleting your own account is the nuclear option. Plus, it won’t erase your information from any records that crooks have already made.

Protecting yourself against phishing, in particular, requires being absolutely sure of who you’re talking to online. This is easy with some platforms. Twitter, for example, gives a blue checkmark to verified accounts. Facebook has a similar marker. Someone working as a company representative should be using an account that reflects the company name, as well as a verified marker. This is a good sign that you can divulge some information. Even then, avoid giving out credit card numbers, social security numbers, and other highly tempting tidbits. This will help keep overworked company personnel honest.