Stay Safe on Social Media & Email – Online Presence Under Attack
This issue, we’re covering scams that exploit our everyday online communication – from social media scams to sneaky frauds in your email inbox (beyond the typical phishing we covered earlier). Social networks and emails connect us with friends and information, but they also connect us with imposters, hackers, and hoaxes. Let’s learn how to enjoy the online social world while staying scam-wise.
Social Media Scam Alerts
Social platforms like Facebook, Instagram, Twitter, and TikTok have become hunting grounds for scammers. Impersonation and trust schemes are common: someone might hack or duplicate an account of your friend or relative, then message you asking for money or personal info. For example, the “Hi, I’m traveling and got robbed, please send money” message – always verify by calling the real friend directly. Another one is the romance or friendship approach via social media (we covered romance scams in Issue #2). Even beyond romance, scammers might start a conversation in comments or DMs, then pitch a business opportunity or ask for financial help once trust is built.
Be mindful of what you share publicly. Scammers can use details you post – like your pet’s name, mother’s maiden name (if you innocently answer those “fun quizzes”), or your birthday – to guess passwords or answer security questions to breach your accounts. Check your privacy settings so that you’re not oversharing personal info with the public.
Also, note that social media is a top way scammers initiate contact – reports show that if a stranger on social media contacts you, there’s a high likelihood of fraud if the conversation moves towards money. In 2024, nearly 70% of people who were approached by scammers on social media ended up losing money, totaling about $1.9 billion in losses. So keep your guard up with unknown contacts online, no matter how friendly or legitimate they may seem.
Common social media scams to watch:
- Fake Giveaways and Contests: “Congrats, you won a $500 gift card! Comment/Share and we’ll send it.” Or a popular brand page that’s actually a lookalike asking for your info to claim a prize. Real companies don’t ask winners to pay fees or provide sensitive data beyond perhaps a shipping address. If you didn’t directly enter a contest, assume any “win” is fake.
- Investment or Crypto Scams: You see a post or get a DM about a miraculous money-making method. They might even show fake testimonials. These often lead to “send me $100 in Bitcoin and I’ll turn it into $1,000” – which never happens except in your nightmares. Don’t buy financial products or crypto schemes pitched through social DMs.
- Shopping Scams in Marketplace/Groups: As mentioned last issue, be careful buying from individual sellers on social platforms. Also, watch for fraudulent ads (like an ad for an amazing gadget at a low price that directs you to a dubious site). Facebook and Instagram do try to police scam ads, but some slip through. Check comments on the ad (if any) to see if people report it’s a scam. And remember, use credit cards for protection.
Email Scams Beyond Basic Phishing
We all know not to click suspicious links, but some email scams deserve a special call-out:
- Email Extortion Scams: You might get an email that looks alarming: the sender claims they hacked your computer, have footage from your webcam, or evidence you visited “adult” websites, and they demand a Bitcoin ransom to not release this info. Often, to make it scarier, they’ll include an old password of yours in the message (obtained from a past data breach dump). Don’t panic. This is almost always a bluff . They don’t actually have anything on you; they use fear and that bit of personal data to seem credible. The best action is to ignore and delete these emails. If an old password was mentioned, make sure you’re not using it anywhere anymore. Never send money or respond to these extortion attempts.
- “Can You Do Me a Favor?” Boss/CEO Scam: This typically targets workplaces, but could happen personally too. You receive an email that appears to come from your boss, pastor, or someone you know in authority: “I’m tied up in a meeting, but I need you to purchase $200 in gift cards for a client urgently. I’ll reimburse you. Just scratch off the backs and email me the codes.” It’s a scammer using a spoofed email or a very similar address. Always verify unexpected requests for money or personal favors by voice or in person with the supposed sender. 99% of the time, they didn’t send that email.
- Tech Support Refund Scams (via email): An email says you’re due a refund from a tech purchase or your antivirus subscription is ending, etc., with a number to call. If you call, it leads to the tech support scam scenario (they’ll “accidentally” refund you too much and ask you to send money back, etc.). Delete these; contact companies directly if you think there is a real billing issue.
Protecting Your Online Presence
- Strengthen Security: Use strong passwords and 2-factor authentication on your email and social media accounts. This prevents hackers from taking over your accounts and then scamming your friends.
- Review App Permissions: Those fun quizzes and games on social media? They often ask for access to your profile data. Be selective about which third-party apps you allow to connect to your Facebook or Google account. Periodically prune any that you no longer use. Less exposure = less risk.
- Think Before You Share: Scammers glean info for social engineering from what you post. It’s fine to share life updates, but maybe hold back sensitive details like your new home address or that you’re away on a 2-week vacation (save those vacation pics to share after you’re back, so burglars aren’t tipped off).
Clean up your digital footprint. Consider using a service like DeleteMe or PrivacyGuard that helps remove your personal information (addresses, phone numbers, etc.) from data broker websites. This makes it harder for scammers to get info about you and impersonate you or target you for tailored scams. Also, take a moment this week to do an account security check: update any weak passwords and enable 2FA where it’s missing. By fortifying your online accounts and being cautious with strangers online, you’ll keep enjoying the best of social media and email – without falling prey to the worst of the scammers. Stay safe out there!