Beware of Social Media Phishing and Impersonation Scams
posted on Wednesday, October 18, 2023 in SHAZAM Blog
Social media platforms have become a part of everyday life. From keeping in touch with friends and family to networking with professionals and following favorite brands, many individuals rely heavily on these platforms. It’s important to remember that along with the convenience these platforms provide, there are cybersecurity risks to be aware of.
Recently, there have been reports of fraudsters using social media messaging platforms to carry out phishing and impersonation scams. So, before you respond to the next message alert on your favorite social media app, make sure you know what to look out for in case it’s a scam.
Phishing is a social engineering tactic that involves tricking individuals into giving out sensitive information such as passwords, credit card details or personal identification information. Phishing is often disguised as a legitimate request or message from a trusted source. On social media, phishing attacks can take various forms, including fake friend requests, deceptive links and impersonation.
Fake Friend Requests
Cybercriminals create fake profiles, often using stolen pictures and information, to send friend requests to unsuspecting users. Once accepted, they may try to extract personal data or engage in malicious activities.
Always verify the authenticity of friend requests or messages. If in doubt, contact the person through another channel to confirm their identity. Social media verification has become a paid service, so verified profiles only sometimes mean legitimacy.
Cybercriminals frequently share deceptive links disguised as news articles, videos or promotions. Clicking on these links can lead to malware downloads or the theft of login credentials.
Before clicking on any links, hover your mouse over them to preview the destination URL. Ensure the website is legitimate and secure (i.e., starts with HTTPS).
Impersonation on social media involves creating fake profiles or accounts that mimic real individuals or organizations. Criminals also impersonate brands, offering fake giveaways or promotions. Users who engage with these posts may unknowingly share personal information. Malicious impersonators exploit trust to deceive users for various ulterior motives.
Fraudsters often target individuals, copying their photos and personal information to create fake accounts that can be used for harassment, fraud or defamation. Always verify the authenticity of friend requests or messages. If in doubt, contact the person through another method to confirm their identity. Social media verification has become a paid service, so verified profiles only sometimes mean legitimacy.
In addition, cybercriminals are creating fake accounts pretending to be legitimate organizations or government agencies to dupe users into giving away money, sharing personal details or compromising confidential information.
Phishing and impersonation scams on social media are not just inconvenient; they pose significant risks to our digital lives. Cybercriminals are becoming increasingly adept at using these tactics to exploit unsuspecting users. By being cautious, educating ourselves and others about these threats, and taking proactive security measures, we can protect our online identities and enjoy the benefits of social media without falling victim to its risks. Here are some best practices to keep in mind:
- Enable Two-Factor Authentication. Implement two-factor authentication wherever possible on your social media accounts. This adds an extra layer of security by requiring a secondary code for login.
- Use Strong Passwords. Create strong, unique passwords for each social media platform. Utilize password managers to store and manage your credentials securely.
- Monitor Your Accounts. Regularly review your account activity and check for unauthorized access or suspicious activity. Promptly report any issues to the platform.
- Educate Yourself. Stay informed about the latest phishing and impersonation tactics. Knowledge is your best defense against these threats.
Article contributor: Alex Brown, SHAZAM Security Analyst
SHAZAM, Inc. and ITS, Inc. provide this blog for general informational purposes only. Our blog may be shared by a direct link wherein the content remains as originally presented and has not been altered. SHAZAM, Inc. and ITS, Inc. assume no responsibility for errors or omissions in the contents on the blog. By using this blog, reader agrees that the information published does not constitute nor is a substitute for legal advice which should only be sought from a qualified, licensed attorney.
comments powered by