Social media has been the No. 1 method for online scammers to contact victims since 2021, according to FTC data. (Adobe Stock Images)
Crooks extracted $2.7 billion from gullible social media users between 2021 and June 2023, according to the Federal Trade Commission.Emma Fletcher, senior data researcher with the FTC, said 25% of people who reported that they lost money to fraud since 2021 said social media is where the scam began. The actual number of those bilked via social-media scammers is likely much higher given that most fraud victims do not report the crime, according to the FTC report published last week. Source: Federal Trade CommissionScams initiated via social media are trending up in 2023, the FTC reported, accounting for majority of fraud reports. Topping the list of scams is product no-shows, after a victim pays for an item. Typical hangouts for criminals perpetrating social media hustles is Meta owned Facebook or Instagram, according to the report. The crime accounted for 44% of fraud reports in the first six months of 2023.
Source: Federal Trade CommissionWhen it comes to dollars lost in the first half of 2023, investment scams promoted on social media led the way, with 53% of total reported losses coming from investment schemes that included cryptocurrency.Romance scams had the second highest in losses on social media and round out the top three fraud scams. To avoid scams on social media, the FTC recommended that users use privacy settings to limit who can see their posts and private information. The agency also recommends not responding to urgent requests for money from social "friends" and to research a company before making a purchase.
An In-Depth Guide to Identity
Get essential knowledge and practical strategies to fortify your identity security.
Stephen Weigand is managing editor and production manager for SC Media. He has worked for news media in Washington, D.C., covering military and defense issues, as well as federal IT. He is based in the Seattle area.
Attacks commenced with the delivery of phishing emails with a Dropbox link that downloads a ZIP archive containing an internet shortcut file with a TryCloudflare URL that fetches an LNK file for further compromise, a report from Forcepoint X-Labs showed.
After luring targets into providing their curriculum vitae or GitHub link for fake cryptocurrency, finance, or travel job offers, attackers proceed to share a malicious repository with the project's "minimum viable product," which executes nefarious code eventually resulting in the deployment of stealer malware that targets Windows, macOS, and Linux systems.