Cybercriminals contact people on social networks to request sensitive data such as account access details.

The promises sound tempting – too good to be true: time and again, purported financial experts advertise big profits on social media. However, these promises are often made by fake profiles that use sophisticated scams to deceive people, particularly those without much financial experience. These fake profiles are online profiles that have been created to simulate an identity. We explain what social engineering is and show you how to protect yourself from attempted fraud.

What is behind social engineering?

Cybercriminals use social engineering to gain access to sensitive information online. They employ targeted social interactions and human characteristics such as helpfulness, fear or trust to manipulate their victims. There are many different approaches when it comes to social engineering. The fraudsters analyze the personal environment of their victims, create false identities or exploit the “human factor” to obtain personal information.

They often build up a trusting relationship with their victims by exchanging messages over an extended period of time. The scammers then give them false hope or fear until they provide the necessary information or comply with their financial demands. For example, the fraudsters pretend to be bank employees or distant family members and invent stories as to why the victims should send them money or disclose data.

Fraudsters establish contact with their potential victims with just a few clicks and likes, particularly on platforms such as Instagram, Facebook, Snapchat, etc. They use fake profiles to build up trust by paying compliments or feigning common interests. Examples of how criminals operate on social media can be found further down in the article.

However, social engineering does not only occur on social media. Similar attempts at deception are also carried out via email, text message or telephone call.

Social engineering: well-disguised fraud

Social engineering encompasses various methods, such as “phishing”. This involves sending spam emails from a fake sender so that users share their personal information or visit fake websites. Another common technique is “smishing”, which is when fraudsters intercept access data via SMS by pretending to be a legitimate organization or sending false offers. “Vishing” is when criminals call their victims. Again, they pretend to be employees of the victim’s bank or insurance company, or claim to be phoning on behalf of a public authority.

The deceptively genuine messages often make it difficult for those affected to realize that they are scams.

Be careful in exchanges with online acquaintances

Do you think you might have come across a fake profile on social media? The general rule is that you should be wary of new online acquaintances. You should be skeptical if you notice any of the following:

  • The profile makes an excessive show of financial expertise and financial success.
  • The profile entices you with extremely attractive conditions – a comparison with the actual market conditions will show that the offer is unrealistic. Check whether the conditions are in line with those offered by banks and reputable financial service providers.
  • The profile advises you to sign investment contracts that promise you high profits. Reputable financial service providers do not promise you profits, but point out the risks.

How to protect yourself from financial fraud on social networks

In today’s digital world, it is crucial to protect yourself from the sophisticated methods of cybercriminals and to ignore suspicious requests. The following tips will help you:

Never pay in advance

Be extremely careful if you are asked to pay in advance online, that is, to pay up front before you have received the promised financial service. This type of request is often an attempt at fraud, and it is likely that you will lose your money without ever receiving what was promised in return. You should be particularly careful with unknown people or companies. Check the providers on Trustpilot or similar platforms.

Do not pass on bank details

Real bank employees and public authorities will never ask you for passwords or PINs of accounts and credit cards, not even for identification purposes. Do not pass on your bank details online or by telephone.

Do not allow access to your computer

Banks, Internet providers or authorities will never ask you to give them access to your computer. As soon as you give strangers access to your device, they can steal sensitive information, install malicious software (malware) or remotely control your computer without you noticing.

Do not conclude contracts with strangers

Be skeptical about signing contracts with people you do not know personally, especially when it comes to financial matters. The contracts are often misleading and contain clauses that endanger your rights or your property.

Protect personal data

Pay attention to the information you share on social media and to the posts you “like”. Avoid publishing personal information such as date of birth, address, contact details or vacation plans, as these elements can be exploited by criminals.

Check contact requests on social media

Only add people to your network that you know personally. Before you accept a contact request, you should check the profile thoroughly and not just agree without a second thought. Use privacy settings to control who can see what content.

Avoid public Wi-Fi networks

Be careful when using public Wi-Fi networks and avoid using them to access your social media accounts. Hackers could gain access to your information via the public network.

Conclusion: combating social engineering together

To protect yourself from social engineering on social networks, the first step is to be aware of the dangers and of the changing methods. Treat unexpected requests from supposed financial experts with great caution and never pass on personal information such as your E-Banking contract number or PIN. Do not click on links that lead to websites you do not know; simply delete the messages. Check where a link leads by moving the mouse over it before clicking. UBS websites always start with www.ubs.com.

Recognizing phishing in the name of UBS

Don’t forget: UBS will never ask you by phone call, email or SMS to log in or provide your access data. We never send emails with links to E-Banking login pages, and we will never ask you for your E-Banking contract number or PIN. Check the sender’s email address, as the only email domain used by UBS is @ubs.com.
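
The two checks above (web addresses start with www.ubs.com, email comes only from @ubs.com) are easy to get wrong when automated, because look-alike addresses also "start with" or "contain" the genuine name. The following sketch is an added example, not UBS code: the function names are hypothetical, the https requirement is an assumption, and all look-alike hosts are constructed samples under the reserved .example domain.

```python
import re
from email.utils import parseaddr
from urllib.parse import urlsplit

WEB_HOST = "www.ubs.com"   # from the article: UBS websites start with www.ubs.com
MAIL_DOMAIN = "ubs.com"    # from the article: the only UBS email domain is @ubs.com

def is_ubs_link(url: str) -> bool:
    """Exact-host match; a prefix or substring test would accept look-alikes."""
    if "\\" in url:                  # browsers and parsers disagree on backslashes
        return False
    try:
        parts = urlsplit(url.strip())
        host = parts.hostname        # lowercased, without userinfo or port
    except ValueError:
        return False
    # Requiring https is an assumption of this sketch, not a statement from the article.
    return parts.scheme == "https" and host is not None and host.rstrip(".") == WEB_HOST

def is_ubs_sender(from_header: str) -> bool:
    """Compare the real address domain, not the display name, which anyone can set.
    A matching header can still be forged; SPF/DKIM/DMARC results decide that."""
    _display, addr = parseaddr(from_header)
    if addr.count("@") != 1:
        return False
    return addr.rsplit("@", 1)[1].lower() == MAIL_DOMAIN

def links_to_distrust(message_text: str) -> list[str]:
    """Return every link in a message that does not point at www.ubs.com."""
    urls = re.findall(r"https?://[^\s<>\"']+", message_text)
    return [u for u in urls if not is_ubs_link(u)]

# Constructed sample message; the look-alike hosts are not real.
SAMPLE = """Dear client, please confirm your details:
https://www.ubs.com.login-check.example/ebanking
https://www.ubs.com@login-check.example/
Our real site: https://www.ubs.com/ch/en.html
"""

if __name__ == "__main__":
    for link in links_to_distrust(SAMPLE):
        print("distrust:", link)
    print(is_ubs_sender('"service@ubs.com" <alerts@ubs-secure.example>'))
```

Both rejected sample links begin with the text www.ubs.com, yet the host that would actually be contacted is login-check.example; this is what hovering over a link reveals.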