Why Social Media Is a Scammer's Playground
Social media gives scammers three things they need: access to billions of potential victims, detailed personal information to craft targeted attacks, and built-in trust signals (mutual friends, verified-looking profiles, professional headshots) that make fraud more convincing. The FTC reports that social media was the most profitable contact method for scammers in 2023, with losses of $2.7 billion — more than any other method including phone calls, email, or text messages.
The scams below are ranked roughly by how common they are based on FTC complaint data, FBI IC3 reports, and platform transparency reports. If you receive a suspicious message or see a suspicious post, you can check it instantly with our free Scam Checker tool.
1. Fake Giveaway & Prize Scams
Where it happens: Facebook, Instagram, X (Twitter), TikTok
How it works: A post claims you have won a prize, a gift card, or a cash giveaway — sometimes impersonating a real brand like Apple, Amazon, or Mr. Beast. To "claim" your prize, you must click a link, share the post, provide personal information, or pay a small "shipping fee." The prize does not exist. The link either harvests your login credentials, installs malware, or collects enough personal data for identity theft.
Red flags: You never entered a contest. The account has few followers or was recently created. You must "act now" or the prize expires. You must pay anything to receive a "free" prize. The link goes to a domain that is not the official brand website.
What to do: Do not click. Do not share. Report the post to the platform. Real giveaways never ask for payment or sensitive personal information to claim a prize.
2. Impersonation & Cloned Accounts
Where it happens: All platforms, especially Facebook and Instagram
How it works: A scammer copies someone's profile — photos, name, bio, and all — then sends friend requests to that person's contacts. Once accepted, the fake account sends messages asking for money ("I'm stuck overseas and need help"), promoting a fake investment, or sharing phishing links. A variation targets businesses and public figures by creating near-identical accounts with slightly different usernames.
Red flags: You receive a friend request from someone you are already connected with. The account has very few posts or a recent creation date. Messages feel out of character or are unusually urgent about money.
What to do: Contact the real person through a different channel (phone call, text) to verify. Report the fake account to the platform. Warn your mutual contacts. Tighten your own privacy settings so scammers cannot easily clone your profile.
3. Marketplace & Shopping Scams
Where it happens: Facebook Marketplace, Instagram Shopping, TikTok Shop
How it works: Sellers list items at attractive prices — electronics, event tickets, vehicles, rental properties — that either do not exist or are significantly different from what is advertised. The buyer pays via Venmo, Zelle, Cash App, or gift cards (methods with little or no buyer protection), and the seller disappears. A reverse version targets sellers: a "buyer" sends a fake payment confirmation screenshot, then asks the seller to ship the item before the payment actually clears.
Red flags: Price is significantly below market value. Seller insists on payment outside the platform's built-in checkout. Seller refuses to meet in person for local items. Payment confirmation arrives via text or screenshot instead of through your actual bank or payment app. Seller's account is new with no history.
What to do: Use the platform's built-in payment and checkout system when available. For local purchases, meet in a public place (many police stations have designated safe exchange zones). Never accept screenshots as proof of payment — verify through your bank or payment app directly. See our full guide to selling safely online.
4. Phishing via DMs
Where it happens: All platforms
How it works: You receive a direct message that appears to come from a friend, a brand, or the platform itself. Common lures include: "Is this you in this video?", "Your account will be suspended", "You've been selected for verification", or "I'm doing a survey for a school project." The message includes a link that leads to a fake login page designed to steal your username and password, or a site that installs malware.
Red flags: The message creates urgency or curiosity. The link URL does not match the official domain. The message came from someone who does not normally DM you. The login page looks slightly off — wrong colors, missing elements, or a suspicious URL in the address bar.
What to do: Never click links in unexpected DMs. If a message claims there is an issue with your account, go directly to the platform's official website or app settings — do not use the link in the message. If you already clicked, change your password immediately and enable two-factor authentication. Full phishing response steps here.
5. Crypto & Investment Scams
Where it happens: Instagram, X (Twitter), TikTok, LinkedIn, Telegram
How it works: Someone promotes a "guaranteed" investment opportunity, a new cryptocurrency token, or a trading strategy with screenshots of enormous returns. Some scams use fake celebrity endorsements or deepfake videos of well-known figures endorsing a platform. "Pig butchering" scams combine romance tactics with investment fraud — building a relationship over weeks before steering the victim to a fake trading platform that shows fabricated profits. When the victim tries to withdraw, the money is gone. Our full crypto scams guide covers this in depth.
Red flags: Guaranteed returns. Screenshots of profits as proof. Pressure to invest quickly. An unknown or unregistered trading platform. Someone you recently met online who keeps bringing up investing. You cannot withdraw your funds without paying additional "fees" or "taxes."
What to do: No legitimate investment guarantees returns. Verify any platform through SEC.gov EDGAR or FINRA BrokerCheck before investing. Never send crypto to someone you have not met in person. If someone you met online steers conversations toward investing, assume it is a scam.
6. Romance Scams on Social Platforms
Where it happens: Facebook, Instagram, dating apps that connect to social profiles
How it works: A stranger sends a friend request or follows you, then gradually builds a romantic or emotionally intimate connection through DMs. Over weeks or months, they fabricate a crisis — medical emergency, travel problems, legal issues — and ask for money. These scams cost Americans over $1 billion annually, and social media is now the most common starting point. Our dedicated romance scam guide covers this in detail.
Red flags: They refuse video calls. They profess love unusually quickly. Their photos look too polished or return results in a reverse image search. They eventually ask for money via wire transfer, crypto, or gift cards.
What to do: Reverse image search their profile photos. Insist on a live video call early. Never send money to someone you have not met in person. Talk to a trusted friend or family member about the relationship.
7. Fake Job & Business Opportunity Scams
Where it happens: LinkedIn, Facebook, Instagram, TikTok
How it works: A recruiter reaches out with an exciting job offer — high pay, remote work, minimal experience required. The "hiring process" asks for personal information (SSN, bank details for "direct deposit setup") or requires you to purchase equipment or pay for training materials upfront. A variation posts "work from home" ads promising thousands per week for simple tasks like product reviews or data entry. Another version targets small business owners with "brand ambassador" or "influencer partnership" offers that require upfront payment.
Red flags: The job pays significantly above market rate for the role. They ask for your SSN or bank info before a formal offer letter. You must pay for anything upfront. The company name does not appear in a Google search or on official job boards. The recruiter's LinkedIn profile was recently created.
What to do: Research the company independently. Legitimate employers never ask you to pay for equipment or training. Verify recruiter identities through the company's official website. Never share your SSN until you have a formal written offer and have verified the employer.
8. Quiz, Survey & "Find Out" Scams
Where it happens: Facebook, Instagram
How it works: A fun-looking quiz promises to tell you which Disney character you are, what your celebrity doppelganger looks like, or what your name means. To see your "results," you grant the app access to your profile data or enter personal details like your birthday, mother's maiden name, hometown, or pet's name. These are the same answers used as security questions for banking and email accounts. The data is harvested and sold or used directly for account takeover.
Red flags: The quiz asks for information that matches common security questions. It requires you to authorize a third-party app to access your profile. The results page is full of ads or asks you to share before seeing results.
What to do: Avoid third-party quizzes and apps that request access to your social media profile. Review and revoke app permissions in your platform settings regularly. If you must take a quiz, never provide real answers to questions that match your security questions.
9. Subscription Trap & Fake Ad Scams
Where it happens: Facebook, Instagram (promoted/sponsored posts), TikTok
How it works: A targeted ad promotes a "free trial" for a beauty product, supplement, or streaming service. You pay only for shipping ($4.95 or similar). Buried in the fine print is a recurring subscription at $79-$149/month that begins 14 days later. Cancellation is deliberately made difficult — phone numbers do not work, emails bounce, and chat support is unavailable. A variation uses celebrity endorsement photos (usually without permission) to sell counterfeit or dangerous products.
Red flags: The offer requires a credit card for a "free" product. The website has no physical address, limited contact information, or was registered recently. The brand has no presence outside of paid ads. Reviews outside the ad are nonexistent or overwhelmingly negative.
What to do: Search "[brand name] + scam" or "[brand name] + cancel" before ordering. Read the full terms and conditions, especially around recurring billing. If you are already subscribed, dispute the charges with your credit card company — federal law limits your liability for unauthorized recurring charges.
10. AI Deepfake & Voice Clone Scams
Where it happens: All platforms, especially TikTok, Instagram, and X
How it works: Scammers use AI to create realistic fake videos or voice recordings of celebrities, politicians, or even your own family members. Deepfake videos of public figures "endorsing" investment platforms or products are shared as ads or organic posts. Voice cloning scams use a few seconds of audio from a social media video to create a convincing voice clone, then call family members pretending to be in distress and needing money urgently. Our AI voice scams guide and AI scam recognition guide cover these in depth.
Red flags: The video has subtle visual glitches around the face, ears, or hairline. The audio sounds slightly flat or the cadence is off. A family member calls from an unknown number in a panic asking for money. Celebrity "endorsements" for unknown investment platforms.
What to do: Establish a family code word that only your household knows — if someone calls claiming to be a family member in distress, ask for the code word. Be skeptical of celebrity endorsement videos for financial products. Verify any urgent requests through a separate communication channel.
How to Protect Yourself on Social Media
These steps dramatically reduce your exposure to every scam on this list.
- Lock down your privacy settings. Make your profile, friends list, and posts visible only to confirmed connections. Our social media privacy guide walks you through the settings on every major platform.
- Enable two-factor authentication (2FA) on every account. This prevents account takeover even if your password is stolen. Best 2FA apps.
- Use a password manager. A unique, strong password for each account means one breach does not compromise everything. Best password managers.
- Be skeptical of unsolicited messages. If someone you do not know reaches out with an offer, opportunity, or urgent request, assume it is a scam until proven otherwise.
- Verify before you trust. Reverse image search profile photos. Look up company names independently. Contact friends through a different channel if their account sends unusual messages.
- Never send money to someone you have not met in person — regardless of the story, the urgency, or the emotional connection.
- Check suspicious messages with our Scam Checker. Paste any suspicious text, email, or DM and get an instant AI-powered analysis with specific red flags identified.
- Consider identity theft protection. Services like Aura monitor the dark web, credit bureaus, and financial accounts for signs that your personal information is being misused. Particularly valuable if you are active on social media.
What to Do If You Fell for a Social Media Scam
Speed matters. The sooner you act, the better your chances of limiting damage.
- Secure your accounts. Change passwords on all affected accounts immediately. Enable 2FA if it is not already active.
- Contact your bank. If you shared financial information or sent money, call your bank or credit card company to freeze cards, dispute charges, and flag the account for monitoring.
- Freeze your credit. If personal information (SSN, date of birth, address) was exposed, place a free credit freeze at all three bureaus: Experian, Equifax, and TransUnion.
- Report the scam. File reports with:
- The social media platform (report the account and/or post)
- FTC: reportfraud.ftc.gov
- FBI IC3: ic3.gov
- Monitor your credit. Check AnnualCreditReport.com for unauthorized accounts. Consider enrolling in a monitoring service. Full identity theft recovery steps.
For a complete response plan, see our scam response guide.