Beware Most Common Social Media Phishing Scams 2024
Stay alert to the top social media phishing scams: Email tricks, TikTok frauds, fake LinkedIn jobs, in-app phishing, and fake customer support. Learn to recognize and protect yourself from these common social media phishing scams in 2024. Your safety online starts with security awareness!
2024-03-28
What is social media phishing?
Social media phishing is a type of scam in which hackers try to fool you into giving away your personal information, like passwords or bank account numbers, by pretending to be someone else online. They might act like they're from a company you trust or a friend you know.
This scam happens on platforms where people hang out online, such as Facebook, Twitter, Instagram, and LinkedIn. The goal is to trick you into clicking on bad links or giving away your private details without realizing it. It's like someone dressing up in disguise to trick you into thinking they're someone else, so you'll trust them with your secrets.
Social media phishing scams have escalated in 2024, leading to significant financial losses, operational disruptions, and reputational damage for organizations.
In December 2021, nearly 470 customers of OCBC Bank collectively lost S$8.5 million to phishing scams, prompting the bank to issue full goodwill payouts to all victims.
A 2023 survey revealed that 56% of organizations identified operational disruption as the most concerning impact of cyber incidents, underscoring the significant effect on business continuity.
In 2023, a deepfake video falsely depicting Singapore's Prime Minister Lee Hsien Loong promoting a cryptocurrency scam circulated online, leading to public confusion and necessitating official clarifications to mitigate reputational harm.
These examples underscore the critical need for robust cybersecurity measures to protect against the evolving threat of social media phishing scams.
5 most common examples of social media phishing scams
Here are the five most common tricks that bad guys use on social media to try to hack you:
Email Notification Phishing
Imagine getting an email that looks like it's from a social media site you use, saying you need to reset your password or update your info. You click the link in the email, but instead of taking you to the real site, it takes you to a fake one that looks just like it. When you type in your details, the bad guys get them instead and compromise your account. Always double-check where an email is coming from before you click!
TikTok Scams
TikTok is full of fun videos, but be careful! Some people might message you or leave comments promising free followers or gifts if you click a link or share your password. These offers are traps to steal your info or hack your account. Remember, if something looks too good to be true, it probably is.
Fake Job Scams on LinkedIn
On LinkedIn, you might see perfect job offers, especially if you're looking for work. But some of these "jobs" are just fake job scams. They might ask you to pay for training or give personal information before they "hire" you. Real jobs won't ask for money upfront. Always check the company and the person offering the job to ensure they're legit.
Phishing in-App
Sometimes, even inside a trusted app, you might get messages or see posts that try to trick you. They could ask you to visit a website or log in somewhere to get a special deal or prize. But once you do, they've got your info or even access to your device. Be wary of any links that ask for your details, even if they seem to be from within an app you trust.
Customer Support Scams
Ever seen a post or gotten a message from someone claiming to be customer support? They might say there's a problem with your account and ask for your password to "fix" it. Real customer support will never ask for your password in a message. If you're not sure, contact the company directly through their official website or customer support line.
How to Spot Social Media Phishing
Staying safe on social media means knowing how to tell if something's fishy. Here's how you can spot phishing attempts such as social media scams:
- Look first at the source of the message: Always check who sent you a message or email. If it's from a company or a friend, it should come from an email or account you recognize. If something feels off, like an almost-right email address with extra letters or numbers, be careful. That's a classic sign of a phishing attack.
- Check URLs and sentence structure: Look closely at any links (URLs) and how sentences are put together. Don't click if a link doesn't match the company's real website address. And watch out for messages that are hard to read or have many mistakes. Real companies check their messages carefully, so many errors are signs of phishing scams.
- Don't share sensitive information unsafely: Never share your info, like passwords or bank account numbers, if you're not 100% sure it's safe. Real companies will never ask for your password over email or social media. If you need to update your info, go directly to the official website by typing the address into your browser, not by clicking a link in a message.
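The sender and URL checks above can be automated. The following Python sketch is an added example, not part of the original post. The list of official domains, the verdict names, and the sample inputs in the comments are constructed assumptions.

```python
from urllib.parse import urlsplit

# Assumption: the domains you genuinely expect messages and links from.
OFFICIAL_DOMAINS = {"linkedin.com", "tiktok.com", "instagram.com"}


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance, used to catch near-miss spellings."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def host_of(value: str) -> str:
    """Return the host of a URL, or the domain part of a bare email address."""
    if "://" in value:
        # urlsplit ignores any "user@" prefix, so brand@other.example yields other.example
        return (urlsplit(value).hostname or "").lower()
    return value.rsplit("@", 1)[-1].strip(" >").lower()


def classify(value: str) -> str:
    """Return 'official', 'lookalike' or 'unrecognized' for a link or sender."""
    host = host_of(value)
    if not host:
        return "unrecognized"
    for official in OFFICIAL_DOMAINS:
        if host == official or host.endswith("." + official):
            return "official"
    # Simplification: treat the last two labels as the registered domain.
    tail = ".".join(host.split(".")[-2:])
    for official in OFFICIAL_DOMAINS:
        brand = official.split(".")[0]
        if edit_distance(tail, official) <= 2:
            return "lookalike"  # almost-right spelling, e.g. linkedln.com
        if brand in host:
            return "lookalike"  # brand name placed inside an unrelated domain
    return "unrecognized"
```

Anything that is not "official" deserves the caution described above: reach the site by typing its address into the browser rather than following the link.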
Watch this video below and learn how criminals use Instagram scams to trick people.
Please also watch our YouTube video below and see how Keepnet Labs’ Phishing Simulation can help you experience social media phishing in a safe environment and learn attackers' tactics:
Editor's Note: This blog was updated on December 5, 2024.