Keepnet Labs Logo
Menu
HOME > blog > beware most common social media phishing scams 2024

Beware Most Common Social Media Phishing Scams 2024

Stay alert to the top social media phishing scams: Email tricks, TikTok frauds, fake LinkedIn jobs, in-app phishing, and fake customer support. Learn to recognize and protect yourself from these common social media phishing scams in 2024. Your safety online starts with security awareness!

Beware Most Common Social Media Phishing Scams 2024

What is social media phishing?

Social media phishing is a type of scam in which hackers try to fool you into giving away your personal information, like passwords or bank account numbers, by pretending to be someone else online. They might act like they're from a company you trust or a friend you know.

This scam happens on platforms where people hang out online, such as Facebook, Twitter, Instagram, and LinkedIn. The goal is to trick you into clicking on bad links or giving away your private details without realizing it. It's like someone dressing up in disguise to trick you into thinking they're someone else, so you'll trust them with your secrets.

Social media phishing scams have escalated in 2024, leading to significant financial losses, operational disruptions, and reputational damage for organizations.

In December 2021, nearly 470 customers of OCBC Bank collectively lost S$8.5 million to phishing scams, prompting the bank to issue full goodwill payouts to all victims.

A 2023 survey revealed that 56% of organizations identified operational disruption as the most concerning impact of cyber incidents, underscoring the significant effect on business continuity.

In 2023, a deepfake video falsely depicting Singapore's Prime Minister Lee Hsien Loong promoting a cryptocurrency scam circulated online, leading to public confusion and necessitating official clarifications to mitigate reputational harm.

These examples underscore the critical need for robust cybersecurity measures to protect against the evolving threat of social media phishing scams.

5 most common examples of social media phishing scams

5-most-common-examples-of-social-media-phishing-scams.jpg

Here are the five most common tricks that bad guys use on social media to try to hack you:

Email Notification Phishing

Imagine getting an email that looks like it's from a social media site you use, saying you need to reset your password or update your info. You click the link in the email, but instead of taking you to the real site, it takes you to a fake one that looks just like it. When you type in your details, the bad guys get them instead and compromise your account. Always double-check where an email is coming from before you click!

Tiktok Scams

TikTok is full of fun videos, but be careful! Some people might message you or leave comments promising free followers or gifts if you click a link or share your password. These offers are traps to steal your info or hack your account. Remember, it probably is if something looks too good to be true.

Fake Job Scams in Linkedin

On LinkedIn, you might see perfect job offers, especially if you're looking for work. But some of these "jobs" are just fake job scams. They might ask you to pay for training or give personal information before they "hire" you. Real jobs won't ask for money upfront. Always check the company and the person offering the job to ensure they're legit.

Phishing in-App

Sometimes, even inside a trusted app, you might get messages or see posts that try to trick you. They could ask you to visit a website or log in somewhere to get a special deal or prize. But once you do, they've got your info or even access your device. Be wary of any links that ask for your details, even if they seem to be from within an app you trust.

Customer Support Scams

Ever seen a post or gotten a message from someone claiming to be customer support? They might say there's a problem with your account and ask for your password to "fix" it. Real customer support will never ask for your password in a message. If you're not sure, contact the company directly through their official website or customer support line.

How to Spot Social Media Phishing

How-to-Spot-Social-Media-Phishing.jpg

Staying safe on social media means knowing how to tell if something's fishy. Here's how you can spot phishing emails like social media scams:

  • Look first at the source of the message: Always check who sent you a message or email. If it's from a company or a friend, it should come from an email or account you recognize. If something feels off, like an almost-right email address with extra letters or numbers, be careful. That's a classic sign of a phishing attack.
  • Check URLs and sentence structure: Look closely at any links (URLs) and how sentences are put together. Don't click if a link doesn't match the company's real website address. And watch out for messages that are hard to read or have many mistakes. Real companies check their messages carefully, so many errors are signs of phishing scams.
  • Don't share sensitive information unsafely: Never share your info, like passwords or bank account numbers, if you're not 100% sure it's safe. Real companies will never ask for your password over email or social media. If you need to update your info, go directly to the official website by typing the address into your browser, not by clicking a link in a message.

Watch this video below and learn how criminals use Instagram scams to trick people.

Please also watch our YouTube video below and see how Keepnet Labs’ Phishing Simulation can help your to experience social media phishing in a safe environment and learn their tactics:

Editor's Note: This blog was updated on December 5, 2024.

SHARE ON

twitter
linkedin
facebook

Schedule your 30-minute demo now!

You'll learn how to:
tickUse comprehensive social media phishing templates to test your employee's readiness.
tickCreate phishing simulation emails directly on the user’s inbox, prevent false positive reporting, and whitelisting and save time.
tickGet detailed high-level reports, including your employees' awareness of social engineering attacks.

Frequently Asked Questions

How is phishing done in social media?

arrow down

Phishing on social media often involves criminals pretending to be someone they're not to steal your info. They might create fake profiles or send messages pretending to be from a company you trust. They'll usually ask you to click on a link to a fake website or ask for personal details directly. They're counting on your trust in your friends or familiar brands to fool you into giving up your secrets.

How social media is used as a phishing tool?

arrow down

Social media makes it easy for scammers because people often share a lot of personal info online. Scammers use this info to make their tricks more convincing. For example, if they see you're job hunting, they might send you fake job offers. Social media also lets these scams spread quickly, because people might share the scam without realizing it, thinking they're helping friends with job offers or freebies.

How can social media phishing be prevented?

arrow down

To keep safe from social media phishing, follow these tips:

By staying alert and following these tips, you can enjoy social media without falling for the tricks of phishing scammers.

  • Think before you click: Don't click on links or download attachments from people you don't know or messages that seem odd.
  • Check for signs of fakes: Look for weird spelling in URLs or messages that don't sound like they're from your friend or a real company.
  • Use privacy settings: Keep your personal info private. Adjust your privacy settings so only friends can see your info.
  • Use strong passwords: And use different passwords for different accounts. That way, if one gets hacked, the others are still safe.
  • Be skeptical: If an offer seems too good to be true, it probably is. And remember, real companies won't ask for your password or sensitive info over social media.
iso 27017 certificate
iso 27018 certificate
iso 27001 certificate
ukas 20382 certificate
Cylon certificate
Crown certificate
Gartner certificate
Tech Nation certificate