Social Media as a Newer Cybercrime Platform for Targeting Businesses
Scammers go where the people are. Today, more than half of the world’s population uses some type of social media, according to the Digital 2020: July Global Snapshot. The Pew Research Center’s Social Media Fact Sheet reports that 73% of Americans use YouTube, 69% use Facebook, and 37% use Instagram.
The 2019 Current State of Cybercrime report revealed that many cybercriminals have been relying on social media to perpetrate crimes of fraud. The rate of social media fraud attacks has increased by more than 43% from 2018 to 2019, and criminals are discovering new ways to exploit social media users.
Javelin Strategy and Research found that account takeover caused more than $3.5 billion in economic losses. This company has also found that people who are active on Facebook, Instagram, and Snapchat are 30% more likely to be victims of fraud due to their increased exposure and information sharing.
There are various types of attacks that scammers use to infiltrate social media accounts. These attacks often breach users’ accounts through stolen authentication credentials. The information obtained from these accounts is then used to:
- Pull personal data from the hacked accounts’ friends and colleagues
- Steal personal information about the user
- Steal valuable information about organizations and their competitors
- Take over the account and pretend to be the social media user
In addition to the prevalence of social media accounts, another attractive feature of this type of scam is that the scammer has a sense of anonymity. He or she can create a fake social media profile while joining communities you trust. It can be nearly impossible to track down many of these scammers since their information is not usually verified when they create an account.
What Are the Main Scams on Social Media?
According to the Federal Trade Commission (FTC) and a Data Spotlight, consumers reported losing approximately $117 million to scams during the first six months of 2020 that started on social media. Some of the most common social media scams include the following:
In a romance scam, the scammer targets people looking for a romantic connection by using social media messaging or by making a profile on a dating app. Approximately half of romance scams in 2019 started on social media, most often on Facebook or Instagram. Additionally, people reported losing $201 million to such romance scams in 2019 alone.
In this scam, the scammer usually invests time into developing trust and a relationship with the victim. Then, they ask for money for reasons such as:
- Medical bills
- Being stuck at an airport
- Going to jail
- A problem with their child or grandchild
- Travel documents
Even though this is a romance scam, scammers may still target small business accounts and quickly try to get you to hand over your personal account details or take the messages offline.
Employment Offer Scam
Many small businesses have suffered financial setbacks in 2020 due to the COVID-19 crisis and economic downturn. This has increased scammer activity purporting to offer new jobs or opportunities to earn money. However, these so-called opportunities are often just another lure for a scammer to try to get your money or personal information.
With many people concerned about the coronavirus, scams promising masks, hand sanitizer, at-home test kits and other related items have increased tenfold. Supply chain problems may have caused you to look for other vendors to supply your business. It’s therefore no wonder that approximately one-quarter of the scams for undelivered goods reported to the FTC for the first six months of 2020 originated on social media.
Some scams have centered around valid forms of relief that the government has issued in light of the pandemic while others have promised relief that doesn’t exist. Victims may hand over their money or personal information only to find a scammer using it for nefarious purposes.
How to Identify and Avoid Common Social Media Scams
In addition to staying aware of these latest social media scams circulating on Twitter, Facebook and LinkedIn, other ways to identify potential scams include:
- The message comes from someone you don’t know
- The scammer asks for your personal information
- The scammer requests you send money, gift cards, or something else of monetary value
- The messenger pushes for an immediate commitment
- The message has a sense of urgency, such as stating that you must “act now” or listing a date when the offer will expire
- The messenger can never meet in person because they “work overseas,” “are in the military” or in an area with a bad connection
- The scammer professes love quickly
- The messenger constantly has emergencies
Some best practices for avoiding common social media scams include:
- Keep your account information private
- Use the highest social media settings
- Limit your friends’ list to people or businesses you know in real life
- Bookmark URLs you use for your corporate financial accounts
- Do not access account information from unsecure connections
- Use a username search tool to get information about an unknown owner if you confront a suspicious account
- Look for messages about unauthenticated account access
- Use antivirus software on all your devices
- Verify messages from others off social media
- Refuse to transfer money, send gift cards, or wire money to anyone you meet online
- Report the scammer to the authorities
Social media can help bring people together and give you an affordable way to market your services. However, you must remain vigilant to prevent yourself from falling victim to these scams. The tips above can help you take advantage of the benefits of social media without putting your business in jeopardy.
About the Author: Ben Hartwig is a Web Operations Executive at InfoTracer who takes a wide view from the whole system. He authors guides by sharing the best practices and does it the right way!
Editor’s Note: The opinions expressed in this guest author article are solely those of the contributor, and do not necessarily reflect those of Tripwire, Inc.