Cybersecurity Awareness: Social Media Scams

October is National Cybersecurity Awareness Month, and as our name suggests, First Security safeguards your funds. While that begins with having the best protection procedures for our online banking, mobile app, and facilities, it also encompasses educating our customers on fraud. That includes social media scams.

According to demandsage.com, Facebook alone has 3.07 billion monthly users, which accounts for about 60% of all social media users globally. To put this into perspective, that is also around 37% of the human population. Many people are on Facebook, and according to the Federal Trade Commission and the American Bankers Association (ABA), between 2021-2023, those billions of social media users lost $2.7 billion due to social media scams.

Social media is a minefield for scammers because they rely on anonymity and manipulation, which are two things that are very easy to do from a distance. When someone is not right in front of you, they can warp your perception of them. From your likes, profile, friends, comments, etc., scammers can learn your personality and discern which type of tailored, personal trick to use to con you out of your money.

Card-Cracking 

According to the American Bankers Association, card cracking is a fraud tactic in which consumers respond to an online solicitation for “easy money” and provide a debit card for withdrawing fake check deposits.

Put in simpler terms, here are the steps to a card-cracking scam:

  • You receive a message from someone claiming you can make “easy” and “real” money fast if you have a bank account and are willing to share that information with that person.
  • If you mistakenly tell this scammer your debit card number and PIN or your bank credentials, they will have access to your account.
  • The fraudster now deposits a fake check into your account.
  • Money is instantly withdrawn at an ATM.
  • The scammer gives you a kickback.
  • You call your bank to report a lost or stolen card or compromised credentials.
  • Your bank reimburses you for the stolen funds.
  • You are now a criminal accomplice.

These fraudsters utilize social media, like Facebook, Twitter, or Instagram, to target younger people. Often, victims are between the ages of 19 and 25 and are college students, newly enlisted military personnel, or single parents.

Avoid scammers by not replying to online messages about “easy and legit” money. Most of the time, if it is too good to be true, it isn't. A direct quote from the ABA is, “Keep in mind that easy money is rarely legal money.” Keep your bank account credentials, numbers, card numbers, and PINs private. When you give people access to that information, you are putting yourself at risk.

Do not file false fraud claims with your bank. Your bank has the experience, technology, and experts to detect fake claims, and filing false claims is a criminal offense. When you see posts that seem suspicious, report them. You could save yourself, a stranger, or a loved one from falling victim to a card-cracking scam.

Charity Scams

According to the Giving USA Foundation, the United States ranks number 1 on the World Giving Index, and US charities received $471 billion in donations in 2020. It is common knowledge that a American citizens tend to value assisting the underdog, so it’s not surprising to find that as a country, we are arguably the most giving. Unfortunately, generosity can be exploited, and scammers have developed a con specific to taking advantage of someone with the best intentions: fake charities.

A fraudster may attempt a fake charity scam by calling an individual directly, impersonating legitimate charities, or creating a counterfeit organization. Scammers may utilize social media, crowdfunding platforms, phony websites, emails, or go door-to-door.

As it pertains to this article, keep in mind the social media rules for detecting scams in general. Is the post asking for something urgently? Does the post contain poor grammar? Look at the social media page itself; real organizations, no matter how small, usually are easy to spot as their pages will be looked over or created by someone with experience.

If you are wary of donating, there are steps you can take to protect yourself from being scammed. You can ask the charity how your donation will be used, and you can check out the organization on the following sites:

Online Currency Scams

These scams are hard to pinpoint because perpetrators create fake profiles on WhatsApp, Facebook, Tinder, and other dating or social media sites. With fake profiles, scammers can present as anyone and trick the victim into a platonic or romantic relationship. Once the target feels comfortable, the fraudster encourages the victim to invest in a business venture using cryptocurrency.

These scams are often successful because victims trust the individual urging them to invest. Additionally, con artists evolve consistently; they do not ask outright for money because that is a major red flag. Instead, fraudsters refer their targets to fake websites, apps, or “special investment platforms,” that look legitimate. Scammers play the long game and ask for small investments initially. Fraudsters encourage the victim to invest more until the victim tries to withdraw their funds. At this point, the fake business, app, or “special investment platform” would notify the person that they must pay fees or taxes to get to their funds. Post scam, the victim is ghosted and probably out thousands of dollars.

To protect yourself against this scam, take the following precautions:

  • Watch what information you post, as this is easy for scammers to find.  
  • Don’t trust random and unsolicited messages.
  • Don’t share your personal OR financial information with strangers or people you meet online.
  • Don’t send money to people you meet on the Internet (Facebook, Instagram, X, Tinder, other dating sites, other social media.)
  • Steer clear of people who attempt to get you to invest in a “special” crypto trading platform.
  • Don’t trust people offering exclusive investment opportunities.
  • Don’t believe anyone who offers an investment opportunity that is a “sure bet.” All investment comes with risk.
  • If someone urges you to do something quickly, there is a good chance it is a scam.
  • If someone you know reaches out to you on social media about an investment opportunity, contact them via an alternative means of communication (phone call, text, etc.) to discuss their business venture.

Protect Yourself Online

The internet has done wonderful things, like connecting people across the globe, giving access to research, furthering technology, and making our lives easier. The dark side of the internet, though, lies with the criminals who utilize it to victimize others, particularly financially.

To protect yourself, keep your devices updated, including laptops, PCs, smartphones, and tablets. Using the latest security software, web browsers, and operating systems is an optimum defense against online threats.

Another way to protect yourself, particularly on social media, is to have strong passphrases, which are different than a normal password. Passphrases are generally longer and more complex. For example, a simple password might be the name of your favorite song, a special character, numbers, and random uppercase or lowercase letters. These are easy for a hacker to guess. An example of a passphrase would be taking your favorite song’s lyrics and using the first letter of each word and adding special characters, numbers, and

random uppercase or lowercase letters. For a visual, here is an example of a password or passphrase using “Jingle Bells.”

  • JingleBells123! (Password, simple and easy to figure out)
  • Jbjbjatwowfiitroaohos8% (Passphrase, random, more complex, and difficult to discern)

Keep yourself aware of fake links on social media posts. Scammers embed malicious links to download malware onto devices or to route you to a bogus website. If you are suspicious of a link, hover over it with your cursor. Most likely, fraudulent links will have almost unnoticeable changes in the URL. For example, instead of 1stsecurity.bank, it might be 1stsecurritybank.com.

Finally, on any social media, understand the privacy settings and policies. Though reading through them can be arduous, the policies tell you how the site will protect your information. When a site's protection settings or policies are hard to comprehend or locate, use another site.

If you want to learn more about the latest fraud tactics and how to protect yourself, click the link below!

Security at First Security 

Some content requires Adobe Acrobat Reader to view.