Top Phishing Scams on Social Media

Email phishing scams

Phishing attempts on social media have more than doubled over the past year as scammers find new ways to trick people into providing personal and financial information.

During the first quarter of 2016, ploys to glean log-in credentials, credit card and other ID-worthy information soared 150 percent over the same period in 2015, according to Proofpoint, which provides social media security services to leading companies and nearly 225 million of their individual followers on Facebook, Twitter, LinkedIn, Google+, Instagram and Pinterest.

'Disrupt Aging' — Read the book that is smashing stereotypes » 

The current reigning ruses:

1. Impostor customer care: Cybercrooks create fake customer service accounts, via slight keyboard tweaks (say, an extra underscore or character), to intercept messages tweeted to banks, e-commerce or video game producers and phish for log-in and financial account information. “The consumer poses a question to a support site and within minutes receives a response (from an impostor account) providing a link to a solution, which, of course, is also a fake,” notes Devin Redmond, vice president of social media security and compliance at Proofpoint. “The customer not only expects the response, he or she welcomes it and has incentive to follow the link.” If you choose to use social media customer care, be sure to look for the “verified” logo in all communications.

2. Live-stream lures: The bait is phony comments and promises of live video streams of popular events, such as a big football game or boxing match available only in certain markets or on pay-per-view. The hook? Links that lead to scammer-run websites, where there’s no sneak peek, only an attempt to get personal and credit card details, often under the guise of a fake free trial.

3. Fake freebies and discounts: Con artists set up legitimate-looking social media accounts that claim to offer free or dirt-cheap products and services. It’s easy pickings for swindlers to collect names, addresses, phone numbers, emails and other information that they can use for identity theft or to sell on the black market, along with credit cards “required” for shipping and handling charges.

4. Contest cons and survey swindles: In this oldie but goodie, fraudsters post promises of a prize for completing a survey, but the goal is to mine personal information. Crooks’ posts and links appear authentic with URL shorteners.

Discounts on financial services from trusted companies — AARP Member Advantages »

5. Gossip gotchas: Search terms of celebrity names, coupled with terms such as “video” and “picture,” have long been among the internet’s most typed — and most dangerous for malware. The latest celeb-centric scheme: links that promise illicit videos of Hollywood elite, sports superstars and other household names. Along with malware, many phish for credit card info.

For information about other scams, sign up for the Fraud Watch Network. You’ll receive free email alerts with tips and resources to help you spot and avoid identity theft and fraud, and gain access to a network of experts, law enforcement and people in your community who will keep you up to date on the latest scams in your area.

Photo: JanWillemKunnen/iStock

Also of Interest

See the  AARP home page for deals, savings tips, trivia and more.

Search AARP Blogs

Related Posts
April 12, 2016 05:10 PM
And the winner — or maybe we should say, loser — this year is ... strawberries.
April 11, 2016 05:05 PM
Many Americans take a daily low-dose aspirin to protect against heart disease and stroke, but for the first time a federal advisory panel says taking it can also protect adults in their 50s and 60s against colon cancer.
April 08, 2016 08:00 AM
April showers? With spring cleaning and the end of tax-filing season, what really “reigns” this month are free shredding events held across the country — including dozens hosted by our Fraud Watch Network and AARP Foundation — to safely destroy unneeded paperwork that could help crooks steal your identity.