Stay Safe from Social Media Scams

Social media is a powerful tool for connection, branding, and business—but it’s also a prime hunting ground for scammers. From phishing links to fake profiles, cybercriminals are constantly evolving their tactics. This guide will help you understand the risks and configure your settings to stay secure.

Common Social Media Scam Tactics

1. Phishing Links in DMs
   Scammers send malicious links via direct messages, often impersonating someone you know or a trusted brand.

2. Fake Profiles and Romance Scams
   Fraudsters create fake personas to build trust and extract money or sensitive information.

3. Account Takeovers
   Using stolen credentials from data breaches, attackers hijack accounts to scam your followers or access private data.

4. Impersonation and Clone Accounts
   Duplicate profiles are used to trick your contacts into sharing information or sending money.

5. Social Engineering
   Attackers use publicly available information (like your pet’s name or birthday) to guess passwords or answer security questions.

Essential Security Settings to Enable

1. Use Strong, Unique Passwords

• Minimum 10 characters, including numbers and symbols.
• Avoid reusing passwords across platforms.
• Use a password manager to store credentials securely

2. Enable Two-Factor Authentication (2FA)

• Adds a second layer of protection using a code sent to your phone or an authenticator app.
• Platforms like Facebook, Instagram, LinkedIn, and X (Twitter) all support 2FA

3. Lock Down Privacy Settings

• Facebook: Limit post visibility to “Friends” or “Friends of Friends.”
• Instagram: Set your profile to private if not used for business.
• X (Twitter): Disable discoverability by email/phone and consider protecting your tweets.
• LinkedIn: Limit who can see your connections and profile details

4. Enable Login Alerts

• Get notified when your account is accessed from a new device or location.

5. Disable Location Sharing

• Turn off location tagging in posts and app permissions to avoid revealing your whereabout

Smart Habits to Adopt

• Be Skeptical of Messages: Even from known contacts—phishing often comes from compromised accounts
• Don’t Share Sensitive Info: Avoid posting your full birthdate, address, or travel plans.
• Avoid Using Social Logins: Don’t use Facebook or Google to sign into third-party apps.
• Report Suspicious Activity: Always report fake profiles or spam messages to the platform.
• Audit Your Friends List: Remove unknown or inactive connections regularly.

What to Do If You’re Targeted

• Don’t click suspicious links—verify with the sender via another channel.
• Change your passwords immediately if you suspect a breach.
• Report the scam to Action Fraud (UK) or your platform’s support team.
• Enable fraud alerts with your bank or credit card provider.