Social Media Hijacking

Welcome to The Safety Net, a newsletter that profiles scams and helps you protect your family from them. If you like this issue, please share it with anyone who might like it. Thanks!

Social Media Hijacking

Apps like Facebook, Instagram, LinkedIn and WhatsApp have become part of the fabric of our lives. We use them to keep in touch with family, chat with friends, and connect with like-minded communities. 

As a result, our social media accounts are prime targets for scammers. It’s a perfect setup for them - once they get access to your social media account, they have access to a rolodex of friends, coworkers, and family members who already trust you. Taking advantage of that trust, scammers send messages from your account, pretending to be you, and convincing people to fall for their scam.

Here’s a real scam message sent through Facebook:

This message comes from a friend whose account was stolen. But how could you know that from the message? You might think this is a real message and wonder what is in the video, especially if this is a good friend.  Beware, if you click on the video link they might steal your social media account, or send you to a scam page that tries to do so. 

These scams work because we trust our friends and the scammers take advantage of that trust. If you get a strange message with a link on social media, don’t click on it! Instead:

1. Check their Profile. Before doing anything else, check to see if their profile has been taken over. If someone has stolen the account you can usually tell because there is no real activity you would expect from a normal person. 

2. Ask a Question. Ask the person to confirm their identity by sharing something you would talk about. Most of these scams are just bots, so asking a question will reveal them as scams almost immediately. 

3. Contact the person on another channel. Scammer might have stolen their Facebook account, but they likely don’t have their phone number or email. Send the person a text or give them a call to see if it’s a valid message from them. 

Modern systems have gotten pretty good at filtering out spam messages, which is why scammers want to take over accounts on social media. If they can send scam messages as you, then it increases the chances that they’ll avoid the filters and successfully trick their victim. 

It’s sad that we can’t trust that every message from our family and friends are legitimate, but that’s the reality. The next time you get an odd message on social media, think twice before clicking on strange links.

Quick Tip of the Week: Identifying Bots

Many scams are run by computer programs called bots. Instead of a person sending messages, it’s just a program pretending to be a person. As a result, you can identify bots by asking them to do things that only humans can do. For example, ask them who won a sporting event last night or when was the last time you two met in person. These kinds of questions are impossible for bots to handle, and their responses make it obvious they aren’t real people. 

Have you come across a scam recently? Received some weird messages that you think might be a scam? Forward them to [email protected] and we’re happy to help! We’ll take a look and let you know what we think, and if it is a scam we’ll profile it in future issues of The Safety Net to protect others.