Anyone anywhere can open up their social media app of choice and create an account pretending to be their favorite celebrity, their dog, or even a cartoon character. Most of the time it’s easy to tell when someone is pretending to be someone they’re not for laughs and to gain followers.
But fraudsters aren’t looking to impersonate an actor for viral content– they’re looking to assume an identity in order to gain access to critical information that they can use to steal from businesses and consumers alike.
Fraud in the social media age
Nearly 25% of all losses due to fraud start from scams that originated on social media, according to the Federal Trade Commission (FTC). Even before the COVID-19 pandemic, we’ve spent more and more of our lives online. And whether it’s to gain followers or stay connected with family and friends, we share a lot of information about ourselves in these spaces– information that can be exploited by fraudsters.
This includes more than our hobbies and opinions on popular TV shows. Many folks who post regularly also share snippets of their jobs and where they work, often putting themselves and their employer at risk.
Most fraudsters will use this information in one of two ways: to impersonate the business using a new, fake profile or to impersonate the employee themselves.
In 2021, 45% of consumers who were defrauded on social media reported that the scam was related to online shopping. These consumers ordered products from ads they found on social media– only for the products to never arrive. When this happens, customers have a negative perception of the business, even if they weren’t at fault.
And for employees that are targeted, fraudsters can take the information posted online and create a fake profile on various freelancing websites. They’ll then take on projects they have no intention of actually completing, hurting the employee’s reputation in the process.
Spotting fraud on social media
Traditional fraudsters– or ones who are looking to snap up easy targets– can be pretty easy to spot. They’ll usually have profiles with no profile picture, very few connections, and even fewer posts. These profiles will also tend to be fairly new and littered with grammatical or spelling errors.
A fraudster who is looking to target someone specifically because of where they work or what they do will put more of an effort into making their profile look legitimate. Whether it’s by purchasing a fake profile that someone has already curated or by impersonating someone in your network, the fraudster will do what they need to in order to gain your trust and gain access to your knowledge or network.
Preventing social media fraudsters
It’s just not possible to prevent or deter all types of fraud, but it is possible to make things more difficult for fraudsters that are targeting you:
Insist that all business communications take place on internal tools only.
Your boss messages you on LinkedIn– they’ve been locked out of an important system and need your login credentials immediately in order to help an important client. Or maybe a coworker DMs you on your company’s Instagram account and requests information about an upcoming project that they insist they need right this second.
Even if you’ve previously established that the people reaching out to you are who they say they are, it’s just best practice to insist that any business communications take place within internal tools only. Whether it’s Slack or Microsoft Teams, companies will typically have identity verification and authentication processes in place to do the ID confirmation for you– which LinkedIn, Instagram, and most social media platforms just don’t have.
Don’t access your personal social media on company-issued devices.
Whether social media is part of your job or not, it’s just best practice to not access your personal accounts on a company-issued device. The ads and individuals that you encounter on your personal account could be fraudulent, and you don’t want to needlessly put your employment at risk by accidentally granting access to your device by clicking a fraudulent link.
Social media can be a great place to get advice and build a community around what’s important in your life. You don’t necessarily need to never talk about your job and your daily life– you should just severely limit what you share with the general public. Key things to leave out: the name of your employer, your full name, any names of your boss or coworkers, and any images of your computer screen or notes on your desk. People really don’t need a lot of information in order to find out everything about you. Don’t make it easier for fraudsters to target you and err on the side of caution when it comes to sharing about your job.
Avoiding fraud on social media doesn’t mean you need to regard everyone you interact with as a threat. Just be mindful of what you’re sharing and with who (and follow your company’s handbook) and you should be in the clear.