Another day, another scam! A new wave of social media scams has emerged, targeting unsuspecting Facebook and Instagram users. Whether you use your profile or page for personal or business use, this new con could affect you. In this article, you'll discover what this scam is, how to detect if hackers are targeting you, and how to avoid falling for it and potentially leaking your highly sensitive private information.

If you're a social media user, you may have noticed that in recent years, both platforms are quick to hand out page violations. An inappropriate comment or post can land you in "Facebook jail" or with a 30-day suspension for repeated offenses. Facebook’s goal appears noble – keep these platforms a positive, kind place for all users.

To help identify these comments, the platforms have developed a sophisticated bot that can read the posts and detect "flagged" phrases that the platform has deemed inappropriate. Typically, they remove the inappropriate content and notify the user that the post was flagged and warn if they continue posting similar content a ban can occur.

However, this robotic peacekeeper is not perfect. It has a reputation for flagging ordinary content because of key trigger words and banning unoffending accounts. This situation is frustrating for users who don't want to lose access to their social media platforms for an offence they didn't commit or are worried that years' worth of memories or business contact information and transactions they've accumulated on their account could disappear if their account is wrongfully deleted.

About 6 months ago we had a lady call us up who was conducting all her business via Instagram and had her account hacked and she was locked out of the account. Unfortunately, for her she had been communicating with clients only on Instagram, had not saved any of their contact information, and was unable to communicate with clients. This has the potential to put her, and you, if you do something similar, out of business for good.

Cybercriminals have seen their opportunity and went for it. Hackers pose as support agents from Facebook or Instagram, contacting users via posts or direct message on the platforms saying there has been a policy violation and they'll help the user resolve it by filling out a simple form that gives them the information they need to make this digital slap on the wrist go away. The alarming twist? Once users submit their information, it falls directly into these skilled hackers' hands, who can use it for who knows what.

Last year, yours truly, was targeted with a similar scam on Facebook that inspired this post titled “How To Avoid Drastic Negative Effects To Your Marketing And Sales Efforts By Not Falling Victim To This Scam”. In it I explain the dangers and things you can do to protect yourself. Click here to read on.

Naturally, if you want to protect yourself from this scam, you must first be able to recognise it. If you receive a message like the one below – don't panic. Cybercriminals want you to be worried, so you slip up and make a mistake. Remember, a Facebook agent will never directly contact you unless you go through the support chat first. The platforms have in-app notifications about banned or flagged content that you will see first, and they will follow up via email.

The image below features an actual screenshot of this scam in action and points out other factors to notice when determining the legitimacy of a violation.

We didn't request the form to see what information it collects (and neither should you), but we can guess. Facebook has developed strict verification processes for confirming identities to reduce the number of imposters on Facebook and determine the rightful ownership of accounts in hacking situations. The platform will request proof of identity with a photo of your ID or sometimes even business documents proving ownership. Cybercriminals will likely request this information but may take it further by asking to confirm your password, tax file or Medicare number, and more.

This deceptive tactic highlights the ever-evolving nature of cybercrime. Just as we've seen with the rise of AI-powered tools used in voice cloning scams, these hackers are becoming increasingly creative and sophisticated in their efforts to manipulate social media users. They are watching what's happening and adapting their tactics accordingly. The stakes are high, and so is the potential damage to individuals and businesses.

To safeguard yourself and your professional services firm or business from such threats, it's crucial to remain vigilant and informed. Here are a few practical tips to help you stay protected:

  • Always verify the authenticity of messages received from social media platforms. Support does not contact you via message unless you request chat support, and they will never ask you to provide sensitive information through direct messages.
  • Be cautious of unsolicited messages requesting you to click a link or fill out a form. Instead of clicking the link, visit the platform's help centre or contact support directly to inquire about the issue.
  • Strengthen your account security by enabling two-factor authentication, regularly updating your passwords, and using unique, complex combinations of characters.
  • Provide regular security awareness training to your employees. Share articles like this one that shed light on emerging scams and engage in ongoing education to ensure your team remains alert and prepared.
  • Collaborate with your IT service provider to implement robust cybersecurity measures and disaster recovery protocols. Investing in comprehensive protection is essential in minimizing the risk of falling victim to these sophisticated attacks.

Remember, prevention is critical. Don't wait until it's too late to take action. If you're concerned about your livelihood, your reputation being put at risk, or the security measures, your IT service provider has in place, then click here to request a FREE IT Security Risk Assessment.

This assessment will give you a clear understanding of your current security stance and whether you're well-equipped to handle a cyber-attack. Obviously, and it goes without saying, so you can avoid the monetary losses, time losses, stress and anxiety they cause you.

My Info Tech Partner is a trusted IT Services and IT Support provider in Perth that specialises in helping the equity principals, partners, directors, and practice managers of legal, accounting and financial services firms from making big expensive mistakes with technology and ultimately, protect their livelihood.

Naturally, we are the only one that offers you enhanced peace of mind with our “Never Pay The Ransom” $10,000 Money Back Guarantee.