Social media has revolutionised communication. With nearly 3 billion users on Facebook alone, all social media platforms have become indispensable tools in our daily online lives. Unfortunately, as these platforms become more integrated, they create an environment rife for opportunistic fraudsters to operate without consequence.
Each year, the levels of fraud beginning on social media increase – not only through scams, but also through networks of fraudsters helping each other facilitate their schemes both online and offline. Considering the ubiquity of social media, these threats are unlikely to disappear any time soon. It is up to individuals and businesses to stay vigilant.
How Fraudsters Are Taking Advantage of Social Media
Identity Theft
Identity fraud is on the rise across the world – particularly in South Africa – and social media is just one of the several avenues used to steal personal information. Social media is all about sharing information. For identity fraudsters, the more personal the information you share, the better. Many users have discovered the dangers of sharing sensitive information online, but that hasn’t stopped criminals from inventing new ways to attempt to steal it.
Links, free downloads, or special offers are just some of the ways criminals attempt to steal your information online. Once enticed by a seemingly inconspicuous offer, you may click on a link that redirects you to a login page designed to look just like your account login. However, once you enter your username and password, it is sent straight to the fraudsters who use that to hack into your accounts. These links may also download malware onto your device that gathers information without your knowledge. When on social media, the saying ‘if it sounds too good to be true, it probably is’ definitely applies.
Scams
Many people have a tendency to trust the information on social media and not to question what they see, even when they have no idea who is on the other end of the conversation. This is an ideal environment for scammers.
Scammers may create business pages for a fake company to entice people to pay for products or services they will never receive. They may promote a business or investment opportunity online to encourage you to invest your money, only to find any trace of the interaction has disappeared once your money is gone.
Romance scams are becoming increasingly more common too, ranking as one of the top social media scams. Scammers will create fake profiles – also known as catfishing – to lure victims into an online ‘relationship’. Once they have gained the individual’s trust, they will claim they need money for some emergency or crisis. Romance scams often continue for months as victims remain unaware of where their money is going and who they are really sending it to.
Communication
Although conducted online, social media has also become a tool used by criminals to advance fraudulent activity offline. Networks of fraudsters appear on Facebook or WhatsApp groups where the criminals gather to share information about schemes or trade data gathered illegally.
Some of these groups, particularly on Facebook, have amassed thousands of members who use the marketplace and stories features to ask for help with a scheme or sell credit data. On WhatsApp, although the groups are smaller (limited to 256 people), the end-to-end encryption on all messaging offers criminals a ‘safe’ method of communication. YouTube is used as a training platform – fraudsters will post tutorials on various illegal activities, like how to use a card skimmer. Each platform is used for a slightly different purpose, and many fraudsters operate across multiple platforms, expanding their reach as far as possible.
What Can Social Media Platforms Do?
Some people have argued the onus is on the platforms themselves to monitor activity and prevent problems like fraud from spreading through the tools they have created. However, considering the size of these platforms and the amount of daily activity, preventing fraud on social media is almost impossible.
Many sites have reporting tools that help identify illegal activity, but beyond those reports, it is incredibly difficult to identify, confirm, and remove illegal content. This is especially true of messaging platforms that have protections in place to prevent anyone from reading private conversations. New ways of getting around controls are being developed and shared every day, making it impossible for these companies to keep up.
Ultimately, it is up to individuals to use these platforms responsibly and avoid becoming a victim.
How to Protect Yourself Online
Strong passwords
Your first line of defense for any online activity, including social media, is to use strong passwords and never share them with anybody. Without access to your password, a criminal’s job is far harder and you are less likely to become a target. Strong passwords should contain a mix of capital letters, numbers, and special characters, and they should be long enough to dupe password hacking software that cycles through millions of password possibilities. You should never use your password for more than one account. If someone can decipher one password, they will have access to all your information – not just the one compromised account.
Keep accounts private
Social media platforms provide various security options to protect your accounts – take advantage. Make all your accounts completely private so any information you share can only be seen by people you know and trust. It also gives you complete control over your account and limits the ability of criminals to contact you and pull you into a scam.
Limit what you share
While the purpose of social media is sharing personal information about your life with friends and family, there should be a limit to how personal that information is. As we all know, once something is on the internet it is there forever, and you never know who will be able to find that information later on – even if you remove it. This goes for identifying information like identity numbers as well as answers to common security questions – maiden name or first pet’s name, for example.
Don’t talk to strangers
The policy ‘don’t talk to strangers’ applies in the offline world, but you should be applying the practice online too. Short conversations are usually harmless – that is the purpose of social media after all – but be wary of strangers attempting to send you friend requests or asking personal questions online. If you are contacted by someone you have never met before, you can never be sure who is on the other side of the conversation.
Don’t click any suspicious links
The internet is inundated with links. Linking is an incredibly useful tool, but it is also the downfall of many social media users. As mentioned before, scammers will send links with a convincing reason to click them (a special offer for example), but that link may download malware or take you to a website that encourages you to input sensitive information. Examine any link before you click it (shortened links are a no-go) and don’t click on random links you come across in your feed, in the comments, or through messaging apps. Even links that seem legitimate – such as Facebook quizzes – can be traps to steal your information.
Delete old profiles
In the early days of social media, when the risks were not as apparent, you may have shared some personal information you would not be willing to share now. Although you may have forgotten what you shared on old social media accounts, the internet remembers, and fraudsters use that to their advantage. Inactive accounts can provide a wealth of information you may not remember you shared before. They can also be hacked, corrupted, and used to spread nefarious links to your friends and family in your name. Delete all old social media accounts permanently before opening a new account.
Double check any suspicious communication
If you have followed the cardinal rule ‘don’t talk to strangers’, you should only communicate with people you have already met offline. If you receive a suspicious or out-of-character communication from someone you are friends with (especially ones containing any links or business opportunities), double-check with them offline to determine whether they really sent the message or if their accounts have been hacked.
Install anti-virus software
Malware is always a threat online. If you have been duped by a suspicious link or accessed a virus-ridded website, anti-virus software is your second line of defence. By scanning for malware regularly and detecting potential malware before it is downloaded, you can take the guesswork out of which applications or links are malicious and which are safe. Make sure the security software is always up to date and investigate any problems found as soon as they arise to prevent any further risks.
Do your research
With all the threats of the internet mentioned here, it is still a valuable informational tool. If you suspect an individual or business you come across on social media may be part of a scam, do a quick online search combined with the word ‘scam’ to see if any results turn up. Anyone else who has been a victim of an online scam is likely to share their experience to protect others from succumbing to the same fate.
Stay vigilant
Ultimately, when you do anything online – but especially on social media – always remember that you can never be sure of who you are dealing with. In an environment where it is easy to conceal your identity and difficult to determine what’s true and what’s not, your first action should always be a cautious one. Never let your guard down online – just one mistake can lead to a string of negative consequences online and offline.