You might just use Facebook for watching funny cat videos, but crooks use it to steal your money and information.
1. Taking quizzes
Your friend just found out what ‘80s pop star is their spirit animal and now you can’t wait to find out either.
Don’t let your curiosity get the better of you, though.
Some Facebook quizzes will ask for access to your profile, and others will even go a step further by throwing certain questions into the quiz itself, says Adam Levin, founder of global identity protection and data risk services firm CyberScout and author of Swiped.
“They’re purely to gather information because … they could be the answers to security questions,” he says.
Only take quizzes on sites you know and trust and create fake answers for password recovery questions so they’re hard to crack, says Levin.
It might be easy enough for Facebook scams to figure out your mother’s maiden name, so leave an easy-to-remember lie instead.
2. Insane giveaways
Free iPad giveaway? Sign me up! But wait – before you click that sweepstakes link, ask yourself whether it seems real, says Eva Velasquez, CEO and president of Identity Theft Resource Centre.
“Yes, there are legitimate sweepstakes and raffles and giveaways, but there’s usually an end goal there,” she says.
Most companies are hoping the promise of a free iPad (or flight or jewellery) will entice you enough to, say, sign up for a newsletter or buy a product.
Be sceptical if you receive a friend request from someone you could have sworn already had a Facebook page.
Sure, some people like to clean house by ditching their old profiles, but other friend requests aren’t so innocent.
Scammers will clone a person’s entire Facebook profile, creating a fake profile of a real person. From your “friend’s” page, the hacker could send a link for a get-rich-quick scheme or a cute quote.
It’s the kind of thing you’d ignore from an anonymous e-mail message, but not from a loyal friend.
“They’re banking on the fact that you will trust the message,” says Levin.
The problem is, clicking that link could add malware to your computer.
Before you accept a weird friend request, shoot over a text or call the person to confirm it’s not a fake account.
4. A friend’s strange request
Even if you haven’t received a new request, don’t immediately trust a message from a friend you can’t see face-to-face.
Hackers can find a person’s password and break into their account, then message their friends. The person might claim to have lost their wallet in Europe and ask you to send money. It might sound obvious enough now that it’s a scam, but those messages could tap into your fear, so you don’t think straight.
If you’re wondering if your “friend” is who you think it is, get in touch on a platform other than Facebook. Ringtones sound different in other countries, so you’ll be able to figure out if your friend is travelling, even if they don’t pick up the phone, says Levin.
Whether you know the person who posted it or not, you might go into panic mode when someone leaves you a message warning, “OMG look what they’re saying about you” and click the link to find out what’s going on.
“It’s really about engaging your curiosity and getting your curious nature to say, ‘I want to know,’” says Velasquez. But don’t click!
A vague message (“Did you see this picture of you?” vs “LOL at your face eating cake at Sam’s party last weekend”) is suspect, and clicking it could load malware onto your computer, says Velasquez.
Text your friend to confirm the link is real.
6. Coupon codes
Liking a store or restaurant’s fan page – or even keeping an eye on the ads – can be a great way to stay in the loop when there’s a sale.
If a post shows a promo code and it works, lucky you! You just saved some cash.
But be sceptical if you need to give personal information or create an account to unlock the savings.
In some Facebook scams, a site poses as a real store but is phishing information.
“Open a new browser tab and Google it,” says Velasquez. “Go to the source and see what’s going on.”
If there’s a genuine promotion, you can bet the store’s official site will let you know.
Particularly after a major tragedy, you’ll see plenty of ads and posts from charities offering to help the victims.
While some of those fundraisers really will go to the people who need it, others could just be scammers preying on your caring spirit, says Levin.
For one thing, clicking a link from those schemers could put malware on the computer. Worse? Your money won’t go to victims of the tragedy, but straight in the pocket of a crook.
To keep your money safe, do a Google search of the site instead of clicking the Facebook post link, says Levin.
Seek out a trusted charity instead of donating to the first you see advertised.
8. Secret Santa
It sounds like a great idea: some stranger is setting up a “Secret Santa,” where you send one person a $10 gift, and three other people will send you one, too.
But like those old snail mail lottery ticket chains, there’s no guarantee you’ll get your money back in these Facebook scams.
If no one else follows through sending your gift, you might not get anything in return.
“You just gave your home address to a stranger with a list of stuff you like,” says Velasquez.
“Is the return really worth the investment?”