Social media has long been a favorite haunt of scammers. In this new phishing scam, con artists are going after businesses and individuals with verified accounts – a measure that was supposed to help prevent scams!
How the scam works: You receive a direct message or email that appears to come directly from Twitter, Instagram or another social media platform. It states that your verified account has been flagged and you’ll need to reverify it. You could allegedly lose your verified account badge if you don’t respond. For example, some Twitter users have reported receiving direct messages or emails stating that their blue verified badge has been marked as spam and, if they don’t appeal the decision, it will be deleted.
The scam message asks you to click on a link or download a form to start the appeal process and reverify your account. If you click, you might download malware onto your laptop or mobile device. This can collect your personal data without your knowledge. If you fill out forms or reply with the requested information, scammers might be able to hack your account or use your personal information to commit identity theft.
How to avoid social media scams
- Understand how social media platforms work. Get to know a social media platform’s policies before you start using it. For example, Twitter never sends emails with a request for login credentials, nor do they send emails with attachments. If you are clear on the platform’s policies and procedures, you’ll be less likely to fall for correspondence from a scammer – even if it looks legit.
- Be wary of unsolicited messages. Whether it’s a DM, an email or a message on a messaging app, be skeptical about out-of-the-blue messages, especially if they ask you to click on links or open attachments. Instead, go straight to the source – the platform’s official customer service center – to find out if the message is real.
- Look for the signs of a scam. Poor spelling, bad grammar, pressure to act now and scare tactics are all red flags that indicate a scam.
- Always protect your personal information. Never give your log-in credentials or other personal information to a stranger without verifying the legitimacy of their request. Most reputable companies won’t ask you for your log-in information.
For more information: If a scammer has contacted you, report your experience to the Scam Tracker (https://www.bbb.org/scamtracker) of the Better Business Bureau (BBB) to help other consumers recognize the con. Read more about spotting fake social media accounts on bbb.org and learn more ways to protect yourself by visiting BBB.org/AvoidScams.