FRAUD RESOURCE CENTER
En español | Older Americans are increasingly active on social media, especially Facebook, where Baby Boomers and members of the Silent Generation represent the fastest-growing groups of users, according to 2019 survey data from the Pew Research Center.
But be careful where you click: Fraud is prevalent on popular social networks like Facebook, Twitter and Instagram, and getting more so.
Consumers filed more complaints to the Federal Trade Commission (FTC) about scams originating on social media in the first half of 2020 than in all of 2019, and they lost nearly as much money — $117 million in the first six months of 2020 versus $134 million the entire previous year.
Many on these cons simply put a social media spin on older online frauds. Your social feeds are as likely as your email spam folder to be full of fake corporate giveaways, bogus investment tips, nonexistent government grants, supposed sweepstakes winnings and ads for questionable health aids, intended to get you to send money or click on malware-loaded links..
There's more: Romance scammers create legitimate-looking profiles on social media and use them to woo potential victims (a practice known as catfishing). Nearly a quarter of online shopping scams originate with deceptive social media ads, usually on Facebook or Instagram, the FTC says.
Crooks are also customizing social media cons for the coronavirus pandemic. For example, hackers hijack Facebook accounts and, disguised as your actual friends or relatives, send out private messages with purported links to urgent health information or COVID-19 "relief grants."
Other scams are tailored to exploit how we interact on social media. For example:
• Fake celebrities. We’ve become so used to seeing what our favorite stars are up to on social media that it might seem natural for them to get in touch to solicit charitable donations, offer backstage passes or profess their gratitude personally. It’s not. Social networks swarm with impersonator accounts set up to hoax or fleece fans.
• Facebook quizzes. They may seem like harmless fun, but the Better Business Bureau and digital-security companies warn that swindlers sometimes use quizzes to pry loose personal data. Launching a quiz app may give its creators permission to pull information from your profile, offering hackers an opening to steal your online identity.
And look out for innocent-sounding queries about your high school mascot or first car. Con artists know these are common security questions that banks and financial firms use to protect accounts.
• “Is that you in this photo/video?” If you get a message like this with a link to purported online evidence of embarrassing behavior, repress your curiosity and hit “delete.” Clicking the link takes you to a site that mimics one of the popular social networks and prompts you to log in, a ploy for hackers to get your credentials and access your account.
Similarly, scammers have been known to use Facebook’s tagging feature to quickly spread malware via links to supposedly salacious videos. As you connect digitally with friends and family, take these steps to help protect your online identity.
- Posts and ads that offer super low prices on popular name-brand goods or free trials of miraculous health and beauty aids. If a discount or product claim seems too good to be true, it probably is.
- A post that directs you to another website to claim a prize, win a gift card, take a quiz, fill out a survey or see a scandalous video.
- Posts and direct messages that ask for money, even if they appear to be from someone you know; that person’s profile may have been hacked or duplicated
- Do check and regularly update the privacy settings on your social media accounts. Use options to limit access to your posts to people you know and to restrict permissions for apps to access your profile information.
- Do use different passwords for different accounts, and set up two-factor authentication, which ensures that only you can access an account even if someone else gets your password.
- Do think carefully about what you post about yourself and your whereabouts. Hackers can use personal information for identity theft, and a seemingly innocuous vacation photo can signal to criminals that your home is empty.
- Do be wary of strangers who attempt to forge close bonds or romantic relationships on social media, and cut off contact if they start asking for money.
- Don’t include personal information, such as your home address or phone number, in your public profile.
- Don’t accept friend requests from strangers.
- Don’t download apps via links on social media unless you need them and can confirm they come from a trusted source.
- Don’t take social media quizzes or surveys that ask personal questions, even ones that sound innocuous.
- Don’t click on suspicious links, even in posts from people you know — their accounts may have been hijacked. Website safety checkers such as Google Safe Browsing or VirusTotal can tell you if a link carries a phishing or malware risk.
- Don’t log in to Facebook or other social media sites while using a public Wi-Fi network. Many are poorly secured, leaving openings for scammers to intercept personal data associated with your accounts.
- If you are victimized by a social media scam, report it to the FTC and the FBI’s Internet Crime Complaint Center.
- Facebook’s Help Center has a section on account security that includes tips on protecting your information and avoiding scams. You can report suspicious posts, messages and profiles to Facebook.
Updated October 22, 2020
About the Fraud Watch Network
Whether you have been personally affected by scams or fraud or are interested in learning more, the AARP Fraud Watch Network advocates on your behalf and equips you with the knowledge you need to feel more informed and confidently spot and avoid scams.
More From the Fraud Resource Center