It’s happened. Spammers & scammers have made their way over to Pinterest under the guise of companies like Starbucks, H&M, and Pinterest itself, claiming that they’re giving away 500 free iPads, gift cards, and so on. And there are apparently bunches of people whose parents never taught them that if something seems too good to be true, it probably is.
What’s scary about it is that when you click on those links to explore what’s going on, they show a little countdown screen, a “Pin It” button, and your name, photo, and friends pulled from Facebook. I’m not sure if this means they’re already “IN” and able to spam your friends (I didn’t take any chances and I’ve already changed my password), but that doesn’t sit well with me.
So in case you’ve forgotten, here are a few ways to avoid being scammed, spammed, and otherwise duped on social media (especially Twitter & Facebook, because they’re super popular and the likeliest targets).
1. If something sounds too good to be true, assume it is.
That’s not to say blog giveaways from bloggers and friends you trust aren’t reliable. If it’s a source you trust, check it out. However, if it’s a big brand like Starbucks or Macy’s and they’re offering something unbelievable for nothing more than your information, just move on.
2. Be aware of where you are
And by that I mean look at the URL in your browser window. Facebook.co (DON’T ACTUALLY FOLLOW THAT DOMAIN) is not the same as Facebook.com, so if you’re led away from the main site to something like facebookhd.com or facebookgiveaways.com, know you’re in the wrong place. Also be aware of oauth protocols and where they’re coming from. These should also come from the proper domain and should look something like oauth.facebook.com
3. Cross reference the supposed source
Check the company’s website, Twitter, and/or Facebook account. If the offer isn’t publicized through the company’s site or social media accounts, it would be in your best interest to stay away. I tweeted at H&M directly about the scam I saw, and they responded pretty quickly. A lot of companies that are on top of their social media game would (read should) probably jump to clarify any of those types of issues.
4. Don’t give out private information
A normal giveaway will ask you to check out a website, Tweet, leave comments, follow someone on Twitter, Like a page on Facebook, and/or subscribe via RSS. What is abnormal is asking for your personal information or passwords. Sometimes I wonder why I might have to say these things, but sometimes it has to be said. Don’t give out your passwords or login information. The only time an address should be necessary is if you’ve won a giveaway from a trusted source.
Note: I’m only talking about sites that say they’re going to give you something for free. This doesn’t apply to services or online shopping destinations, but again, know where you are!
5. Consider the method of outreach
And by that I mean if someone sends you a tweet that has NO information but your username and a shortlink, steer clear. If the tweet sounds like a bad cold-call sales pitch, then in its own special way, it is. Unsure? Check out other tweets from that user. If they’re all identical to the one that was sent to you, report the person as spam and be done with it.
What to do if you ARE scammed, spammed, or hijacked
1. Change your passwords. In fact, I recommend changing your passwords every six months.
2. Report that your account has been hacked if the site has that option.
3. Clean up after yourself. Remove any spam posts, remove spammy app privileges/revoke access in the applications tab of Twitter, and “unlike” whatever it was that started this whole mess.
These are just a few basics, but when you look at it, internet safety is really a whole lot of common sense. Keep up with the privacy settings, and if you need that added sense of security, customize them. What are you doing to keep your social media accounts safe?