A concerning trend is on the rise, affecting individuals across various social media platforms. Criminals are increasingly targeting innocent people, seizing control of their profiles, and engaging in scams and fraud. Action Fraud, the national fraud and cybercrime reporting service, has released alarming figures regarding social media and email hacking incidents, with an astonishing 18,011 reports recorded between August 2022 and July 2023.

Aside from pilfering valuable personal information for their own gain, scammers are also manipulating compromised accounts to facilitate fraudulent activities. For instance, there have been numerous reports in the past two months concerning hacked social media accounts promoting counterfeit Taylor Swift tickets. This deceitful tactic aims to deceive victims, as fraudulent ticket sales are less likely to be suspected if the social media account selling them appears legitimate, boasting a substantial number of friends and extensive posting history.

Out of the 18,000 reported incidents, a shocking 4,092 victims fell prey to extortion or unknowingly had their accounts misused for perpetrating fraud against the wider public. Pauline Smith, Head of Action Fraud, explained that the popularity of social media platforms presents a prime opportunity for criminals to exploit unsuspecting users. With millions of people utilizing these apps daily, scammers have access to a vast pool of potential victims, often seeking to gain control of their online profiles to defraud others.

To safeguard your accounts, it is essential to implement strong security measures, such as setting up 2-step verification. Never share your 2-step verification codes with anyone, and if something seems amiss, swiftly report the suspicious activity and block the sender within the app. Strengthening your email and social media passwords, ensuring they are distinct from all other passwords, can provide an additional layer of protection.

In analyzing the reported cases, Action Fraud found two primary types of account takeovers. The first involves on-platform takeovers, wherein fraudsters trick victims into sharing crucial account details, often capitalizing on their control of a friend’s compromised account. The second method, email compromise and phishing, occurs when individuals unwittingly disclose their login credentials on fraudulent websites after clicking on deceptive links in seemingly genuine emails. Once hackers gain access to victims’ email accounts, they can reset passwords for associated social media accounts.

To avoid falling victim to these malicious schemes, it is crucial to adopt preventive measures. Implementing strong, unique passwords for your email and social media accounts can significantly reduce the risk of unauthorized access. Furthermore, activating 2-Step Verification provides an extra layer of security requiring additional identity confirmation when accessing accounts from new devices or making significant changes.

If you reside in England, Wales, or Northern Ireland and have fallen victim to fraud or cybercrime, report the incident to Action Fraud at www.actionfraud.police.uk or calling 0300 123 2040. In Scotland, victims should report to Police Scotland on 101. Suspicious emails can also be forwarded to SERS at [email protected].

FAQ

What is social media and email hacking?

Social media and email hacking involve unauthorized access to individuals’ accounts on platforms such as Facebook, Instagram, Twitter, and email services like Gmail or Outlook. Hackers can gain control of these accounts to extract personal information or exploit them for fraudulent purposes.

How do criminals manipulate hacked social media accounts?

Once hackers gain control of a victim’s social media account, they may engage in various fraudulent activities. This can include promoting fake products or services, such as counterfeit concert tickets, with the intention of deceiving others and profiting from their purchases.

What is 2-Step Verification?

2-Step Verification, also known as 2SV, is a security feature that adds an extra layer of protection to your accounts. It requires additional information or verification, such as a code sent to your phone or an email confirmation, along with your password to access your account. This helps prevent unauthorized access even if someone gains knowledge of your password.

Sources:

Action Fraud: www.actionfraud.police.uk

Police Scotland: www.scotland.police.uk