In the fast-paced digital era we live in, protecting ourselves from online dangers has sadly become an important part of our everyday lives. With the ever-changing landscape of social media platforms, we also find ourselves confronting a relentless barrage of cunning schemes and crafty ploys designed to fool folks just like you and me. I’m on a mission to identify these ongoing cyber concerns and let you know how to stay safe.
Recently, one of our vigilant readers, Claire from Roswell, Georgia, reached out to us to share a phishing scam that she received. Here’s what she had to say.
There is a new trend on Facebook and Instagram where a message shows up in your notifications. It looks like a real message from FB or IG because it’s in your notifications (and this was in my organization’s page notifications). But it appears to be phishing. It’d be great to see a section on your website dedicated exclusively to warnings of these sneaky social media tricks. Thanks for all you do and your protection software. I signed up today!
– Claire, Roswell, GA
Scammers have begun using social media regularly to trick people into giving them money, private information, and more. This is a relatively new scam that’s showing up regularly on people’s social media. There are some red flags within these screenshots that I want to point out.
So, let’s go over what to look out for, how to know if you’re being tricked, and how to protect yourself.
What to look out for
Understanding community guidelines
Every social media platform has community guidelines to ensure the safety and security of those using the platform. There are rules about impersonating others, posting violent or offensive content, and more that would fall under the violation of those guidelines. However, if something you post or a page you run violates the guidelines, the post or page will typically be taken down immediately.
As you can see in the second screenshot above, the fake notification states, “If we do not hear from you in the next 24 hours, we may permanently delete your page, and the decision will be irreversible.” If this notification were really from Facebook, they would not have sent this person a warning and given them 24 hours to respond.
Also, phishing messages often contain grammatical errors, misspellings, or use generic greetings.
Platforms like Facebook, Instagram, TikTok, etc., will take a post or page down as soon as they recognize that it violates the guidelines. They may send you a message after the fact to explain why they took the post down, but they will never give you the chance to explain yourself before they delete a post.
Pay close attention to the hyperlinks
Notice again in that second screenshot above that the scammer provided a link for the person to click on to “request a review” of their page and save it from being taken down.
That link is likely malicious. If clicked, it may very well lead to you downloading malware onto your device, or take you to a fake page that asks you to hand over tons of personal information. Make sure you’re always double-checking an entire link before clicking on it. Do not click on links or download files from unfamiliar sources, especially if they are sent to you through private messages or notifications. Hover over the link to see the URL preview, but refrain from clicking if you have doubts.
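Double-checking an entire link comes down to finding the host the browser will actually contact. The sketch below is an added example, not part of the original article: it parses a link the way a browser does and flags the usual disguises. The allowlist of official domains and all sample links are assumptions constructed for illustration.

```javascript
// Added example. The allowlist is an assumption for illustration;
// every sample link used with this function is constructed.
const OFFICIAL_DOMAINS = ["facebook.com", "instagram.com"];

// Parse a link the way a browser does and report the host it really leads to.
function checkLink(rawUrl) {
  let url;
  try {
    url = new URL(rawUrl);
  } catch {
    return { ok: false, host: null, reason: "not a valid absolute URL" };
  }
  // Strip a trailing dot so "facebook.com." compares equal to "facebook.com".
  const host = url.hostname.replace(/\.$/, "");

  if (url.protocol !== "https:") {
    return { ok: false, host, reason: "not HTTPS" };
  }
  // Anything before "@" is a username, not the site: the host comes after it.
  if (url.username !== "" || url.password !== "") {
    return { ok: false, host, reason: "text before @ disguises the real host" };
  }
  // The host must be an official domain or a subdomain of one. Requiring the
  // leading "." rejects names that merely contain or end with the brand text.
  const official = OFFICIAL_DOMAINS.some(
    (d) => host === d || host.endsWith("." + d)
  );
  if (!official) {
    return { ok: false, host, reason: "host is not an official domain" };
  }
  return { ok: true, host, reason: "host belongs to an official domain" };
}

// Constructed samples: one genuine-looking link and four common disguises.
const samples = [
  "https://www.facebook.com/help/",
  "https://facebook.com.page-review.example/appeal",
  "https://facebook.com@page-review.example/appeal",
  "http://www.facebook.com/help/",
  "https://f\u0430cebook.com/appeal", // Cyrillic "а" in place of Latin "a"
];
for (const s of samples) {
  const r = checkLink(s);
  console.log(`${r.ok ? "OK     " : "SUSPECT"} ${r.host}  (${r.reason})`);
}
```

The host is read from right to left: whatever sits immediately before the first single slash, after any "@", is where the link goes, no matter how official the rest of the address looks.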
Look at who is sending you the notification
If you’re getting an urgent notification from Facebook, then it would make sense for the page sending you the notification to at least have Facebook’s logo as the profile picture, right? Notice how the “urgent notification” comes from a page that just has an orange exclamation point as its profile photo. This is just another scare tactic that a scammer uses to make the notification look urgent so that the victim takes immediate action. Always verify first that a notification is coming directly from the social media platform itself.
How to protect yourself
Enable 2-factor authentication
Enable two-factor authentication (2FA) on your social media accounts to add an extra layer of security. This way, even if someone obtains your password, they would still need that second means of verifying it’s your account (e.g., a unique code sent to your phone) to access your account.
Keep software up to date
Ensure that you regularly update your devices and apps with the latest security patches. This helps protect against known vulnerabilities that scammers may exploit.
Have good antivirus software on all your devices
Final thoughts
I want to thank Claire for bringing this phishing scam to our attention. As you can see, social media platforms have become a breeding ground for tricksters seeking to deceive unsuspecting users. It is crucial to stay vigilant and be aware of the warning signs. From scrutinizing notifications and hyperlinks to verifying the source and having robust antivirus software, taking proactive measures is key to safeguarding your online presence and personal information.
Should the government be doing more to protect Americans from these types of hackers?