Sift Logo Several blue dots forming a sphere to the left of the word Sift in italic font.
  • Products

    Digital Trust & Safety Suite

    Fight fraud without sacrificing growth

    Learn more →

    Passwordless
    Authentication

    Account
    Defense

    Content
    Integrity

    Payment
    Protection

    Dispute
    Management

    Sift
    Connect

    PSD2
    Solution

    New Releases & Enhancements

  • Partners

    Sift Partner
    Program

    Join the leader in Digital Trust & Safety

    Learn more →

    Commerce platform partners


  • Industries

    One solution, many applications

    Learn how Sift can work for your industry

    Learn more →

    Featured industries


    Fintech

    Retail

    Food & Beverage

  • Customers

    See case studies by industry

    Sift works across every use case and region

    Learn more →

    Featured customers


  • Resources

    Explore our resources

    Access trends, guides, and insights from Sift

    Learn more →

    Blog

    Ebooks

    One Pagers

    Demos

    Videos

    Webinars

    Infographics

    Podcasts

    Trust & Safety University

  • Fraud Center
  • Company

    Why leaders choose Sift

    Technology, community, and partnership

    Learn more →

    Our mission: Help everyone trust the internet


    About

    Careers

    News & Press

Request a demo
Products
  • Digital Trust & Safety Suite
  • Passwordless Authentication
  • Account Defense
  • Content Integrity
  • Payment Protection
  • Dispute Management
  • Sift Connect
  • PSD2 Solution
  • New Releases & Enchancements
Why Sift
  • Salesforce
  • Magento
  • Shopify
Industries
  • Fintech
  • Retail
  • Food & Beverage
Customers
Resources
  • Blog
  • Ebooks
  • One Pagers
  • Demos
  • Videos
  • Webinars
  • Infographics
  • Podcasts
  • Trust and Safety University
Fraud Center
About
  • Search Careers
  • Our Company
  • Contact Us
  • Engineering Blog
Request a DemoSign In
  • Blog Home
  • Fraud
< prev / next >
Share this article on LinkedIn
Tweet this article
Share this article on Facebook
SOCIALICON
Share this article via email

5 Scams Sneaking Into Social Media

By A.K. Carroll  / 

26 Sep 2016

You’re probably used to promotional posts slipping into your Twitter feed and personalized ads plastering the side panels of Facebook. You try not to notice them, the way you try to avoid ogling billboards on the freeway, but every now and then you simply give in and click.

social-media
Image: Jason Howie

Proceed with caution. That unsolicited content you’ve come accustomed to seeing on social media may have a more sinister intention than simply catching your eye. On the other side of a quick pic or a clearance advert could be a sales team or social media manager. Or it could just as easily be a fraudster poised to attack.

Experts at Proofpoint, a SaaS cybersecurity company, estimate that the number of phishing attempts on social media networks like Facebook, Twitter, Instagram, and LinkedIn have gone up by 150% in the last year, leaving hundreds of thousands of users vulnerable to identity theft and fraud. Here are five of the latest scams to hit the social media scene:

Instagram money flipping scams

How does a mobile app dedicated to sharing photos and videos suffer from over 4,500 scams in less than three years? It’s easier than you’d think. Take your average unsuspecting user: she’s posting a new pic of her Siamese cat sleeping in a basket and casually scrolling through her newsfeed when she comes across an eye-catching photo of a big old wad of cash. Beside it is a caption touting how unbelievably easy it is to turn hundreds of dollars into thousands—instantly.

The user who posted the photo has followers, likes, and comments related to the money flipping scheme—all of the signs of being legit. There may even be thank-yous and follow-up testimonials. So our cat-loving friend gives it a try, wires the user the initial payment or shares the PIN of a pre-paid debit card, and before you know it she’s out $100 or more. Though money flipping schemes pop up on Facebook, Twitter, and other social media platforms, they’ve found a sweet spot on Instagram, where they cluster around the accounts of financial institutions and banks.

Facebook and like-farming

With 1.6 billion monthly users and growing, Facebook tops the chart as a hotbed for online scams. Cisco’s 2016 annual security report detected over 33 million scams on the platform. Facebook scams take the form of pop culture quizzes, free product contests, salacious fake news stories, photos of baby otters—anything to get you to click that thumbs up button. “Like-farming” is the term given to this process of cultivating likes and shares.

Once a dummy post garners sufficient attention, the scammer gives it a minor and malicious edit. It may be a link to malware, a link to a phishing site, or a pop-up requesting credit card information before a reader can finish viewing the story. Once you’ve liked a story it goes into your newsfeed and often shows up on your friends’ feeds as well, continuing the cycle. We should all make sure to be selective rather than reflexive when it comes to liking posts.

Facebook and the Ray-Ban scam

When is a charity sale not a charity sale? When there are more people apologizing for faulty Facebook invites than there are purchasing products. Sandwiched between legitimate invitations to play Candy Crush and attend Toby’s Tiny Tots party this summer, there have been copious invitations to join less than legit Ray-Ban charity events (16,500 cases and counting). Schemers behind the scam set up fake Ray-Ban Web stores and then promote them on Facebook, either by using fake accounts or by hacking into existing accounts and then spamming the user’s contacts with invitations to the brand-name event.

What might result in a mere annoyance for the invited (i.e., spammed) contacts and an embarrassment for the user whose account has been hacked, can end up being something much worse for the an unsuspecting contact who attempts to purchase a discounted pair of shades and then loses not only the price of the purchase, but also the security of their account (not to mention their trust in Ray-Ban).

Fake Netflix email scams

When Netflix launched internationally earlier this year, they opened the door to a bigger badder black market for scammers. New users in Australia received convincing fraudulent emails indicating that their accounts had been frozen and redirecting them to phony websites where they were prompted for usernames, passwords, and credit card information.

Other Netflix hacks promise a discount and prompt for login information, which they then sell on the black market for as little as a quarter. Because Netflix already allows for up to four accounts and many users share with roommates, family, and friends, victims are often unaware that an unwelcome guest is also using their account.

Customer service scams on Twitter

When is customer service less than helpful? When it’s being conducted via Twitter by a fraudster posing as a source of assistance. Using duplicate—or nearly duplicate—handles (often you’ll see the deviation of an extra letter or additional dash or underscore), hackers solicit users with Tweets that furnish links to external phishing sites. Hackers have also inserted themselves into conversations between users and actual Twitter accounts. This is particularly prevalent in the realm of online banking, where three fake NatWest accounts were caught in a single week.

Hackers may directly ask the user for personal information, such as login, password, account number or PIN, or they may lure users to phishing sites that automatically prompt for login and account information. It’s easy to be fooled, especially if the social media site is considered a “safe space” by a user who is caught off guard. Many fake accounts include avatars, chat history, and followers, so it’s best to check twice when passing private information. A blue tick next to the name on an account’s profile (and next to the account name in search results) indicates that the account has been verified by Twitter.

Related

content abusefeaturedscams

A.K. Carroll

Amanda is a lover of words, wisdom, tiny spoons, and crossword puzzles who writes about IoT, culture, connection, and San Francisco. A freelance writer with an MFA in creative non-fiction, she is fascinated by people, and driven by a desire to understand what is and uncover what could be.

  • < prev
  • Blog Home
  • next >
Company
  • About Us
  • Careers
  • Contact Us
  • News & Press
  • Partner with us
  • Blog
Support
  • Help Center
  • Contact Support
  • System Status
  • Trust & Safety University
  • Fraud Management
Developers
  • Overview
  • APIs
  • Client Libraries
  • Integration Guides
  • Tutorials
  • Engineering Blog
Social

Don't miss a thing

Our newsletter delivers industry trends, insights, and more.

You're on the list.

You can unsubscribe at any time. Please see our Website Privacy Notice.

If you are using a screen reader and are having problems using this website, please email support@sift.com for assistance.

© 2022 Sift All Rights Reserved Privacy & Terms

Your information will be used to contact you about our service and subscribe you to our direct marketing communications. You can, of course, unsubscribe at any time. Please see our Website Privacy Notice.