Social Media Risks

Social media has profoundly changed how we interact with each other, as Facebook, Twitter, Instagram and other networks have become integral to daily life. But the personal information we disclose on these sites, and their massive popularity—an estimated 1 billion-plus people are active on Facebook—makes social media a prime target for cyber-criminals engaging in identity theft and other scams.

Common social media scams, and ways to avoid them, include:

  • Clickjacking – Don't be fooled by posts instructing you to copy and paste text into your browser to receive a too-good-to-be true offer or see secret photos or video. This may install malware on your device and enable criminals to steal your personal information. In another variation of this scam, you'll be instructed to upgrade your software in order to view a video, but clicking on the link may instead install harmful malware. If you need to upgrade programs or plugins, always download the update directly from the software manufacturer's website (i.e.,
  • Card cracking – Beware of a tweet or Facebook post offering a big cash prize, or a contest offering gifts card to those who enter. Card cracking is a growing social media scam targeting millennials, in which criminals make a tempting offer and ask for the victim's debit card and/or online banking information in exchange, then use this information to withdraw money from victim's accounts.
  • Fake friends and impostor accounts – Many have had their Facebook identities stolen by criminals who copy their photos and other information from the profile, then open a clone account in their name. The criminals pose as the victim and reach out to their friends and ask for money—a frequent ruse is an urgent message that appears to come from someone you know, claiming to be stranded in a foreign country and pleading for funds—or push bogus business opportunities. This scam targets Facebook members with weak privacy settings; the best defense is to avoid “friending” people you do not know.
  • Crowdfunding scams – Social media fundraising sites such as Kickstarter, Indiegogo, and Gofundme will raise an estimated $34 billion for entrepreneurs and artists in 2015, but they have also been victim to scam artists who launch bogus campaigns and pocket the funds without delivering the promised product, or use the money for other purposes, bilking investors.
  • App and software permissions – Every time you install an app on your smartphone, or download a program or plug-in on your computer, you must accept or allow permissions. It's easy to accept these permissions without reading the fine print, but this can compromise your privacy and security. Beware of in-app purchases, which may trigger unwanted and excessive costs, especially if children are using the phone; enabling apps to access your WiFi capability, as this can lead to data theft; and allowing apps to access your personal data, contacts, and calendar.
  • Games – Be cautious when clicking on links to take quizzes, especially ones that ask for your phone number or other information. Criminals can use the number to bill charges to your account.

Always question what you are reading. Does it sound credible or plausible? Does the post sound like something your friend would post? When in doubt, contact the person directly and ask before clicking.