Identifying and Avoiding Social Media Scams

As social media platforms and channels have grown in popularity, they have become major targets for cybercriminals. Scams are prevalent across Facebook, Twitter, YouTube, and LinkedIn. Social media platforms encourage users to share information and connect with other people, which can create risks for becoming a victim of a scam.

Keep these tips in mind: 

Treat links with suspicion

When online, be careful what is clicked or tapped. Most bad things that can happen online — from viruses to ransomware to identity theft — are initiated with a malicious link of some kind which may trigger a malware download or reroute to a fake website designed to steal login details. 

For example, if you receive a message that appears to be from a friend, inviting you to click a link to something such as a gift card or an interesting video, treat it with caution. 

Protect your information

Utilize privacy settings to keep your personal profile information safe. Avoid accepting every invitation to connect. Social networking is about making connections, but social media platforms contain many fake accounts that are designed to harvest data.  

Verify requests

Be sure to verify any request that comes in before you act upon it or ask the person in an offline setting if it was them who sent the request. When cybercriminals successfully hack an account or gather enough data they will often pose as a co-worker or acquaintance. By appearing a trusted individual, they have a better chance of tempting you to click on a link, share information or even potentially send money. Many scammers will also pose as frequently visited companies sites or pages to try and acquire personal information. 

Two factor authentication

Utilize two-factor authentication whenever possible. Two-factor means that when you log in, you provide two proofs of your identity. For example, at U-M, this means using a password plus Duo as a second authentication, but this can be done several different ways for personal accounts, such as confirmation through text message. An attacker who gets your password is less likely to successfully log in as you without your second authentication.

If it looks too good to be true, it probably is

Oftentimes, there are links that pop up on a user’s timeline or in a direct message that promises an amazing discount, gift card, new followers, etc. but anything that looks too good to be true, usually is. Always treat these advertisements with caution.

If you believe you are a victim of an online scam or identity theft, the State of Michigan Attorney General and law enforcement recommend the following actions to help protect and recover your identity:

  • Start by reporting the scam to the Michigan Attorney General’s Consumer Protection Division by calling 877-765-8388. When you call, you will speak to one of their Complaint Specialists.
  • If you lost money or other possessions in a scam, file a police report with your local police department or if you are a U-M student, employee, or faculty member call DPSS at 734-763-1131.