Social Media Scams: Giveaways, Impersonation, and Click Bait

Security Education: This article describes cyber threats for defensive awareness and education purposes only. Understanding how attacks work helps organizations and individuals protect themselves. Never use this information for unauthorized access or malicious purposes.

Social media platforms host billions of interactions daily, making them the ideal hunting ground for scammers. In 2023, social media was the most profitable contact method for fraud, with over $2.7 billion in reported losses. Scams on social media exploit the trust inherent in friend networks, the viral nature of shared content, and the platforms’ ability to precisely target vulnerable demographics through advertising.

Fake Giveaway Scams

“Elon Musk is giving away $10,000 to everyone who retweets this!” Celebrity and brand impersonation giveaways flood every platform. The scam works by requiring you to click a link, enter personal information, pay a small “processing fee,” or send cryptocurrency to participate. The giveaway does not exist. Verified account badges can be faked in images, and some scammers hijack real verified accounts.

Cryptocurrency giveaway scams are particularly prevalent, with fake livestreams using deepfake video of celebrities promising to “double” any crypto sent to a wallet address. These scams have generated millions in losses through YouTube and Twitter.

Account Impersonation

Scammers clone existing profiles by copying profile photos, names, and bios, then send friend requests to the original account’s connections. Once accepted, the impersonator messages friends with urgent requests for money, gift cards, or personal information. Variations include impersonating customer support accounts to intercept complaints and harvest credentials.

Instagram impersonation often targets small businesses by creating accounts with slightly modified names and contacting the business’s followers with fake promotions or giveaways.

LinkedIn impersonation creates fake recruiter or executive profiles to send phishing messages, fake job offers, or business proposals. LinkedIn’s professional context makes users less suspicious of connection requests from strangers.

Clickbait and Engagement Traps

Posts with sensational headlines (“You won’t believe what happened!”), shocking images, or emotional stories drive clicks to external sites that harvest credentials, install malware, or display scareware popups. Quiz and survey scams (“What Disney character are you?”) collect personal information (birthdates, pet names, hometown) that doubles as security question answers.

Marketplace Scams

Facebook Marketplace and similar platforms host scams involving fake product listings, advance-payment fraud, and overpayment schemes using fake checks or fraudulent payment confirmations.

Protection Practices

Verify before engaging. Check account creation dates, follower counts, post histories, and engagement patterns. New accounts with few posts and stock photos are likely fake. Do not click links in unsolicited messages, even from friends, without verifying with the friend through another channel.

Use platform reporting tools. Report fake accounts, scam posts, and fraudulent ads. Platforms do act on reports, though response times vary.

Restrict personal information. The less personal data visible on your profile, the less material scammers have for targeted attacks.

For more on how social media enables phishing specifically, see our angler phishing guide. To lock down your social media accounts, explore our social media privacy settings guide.

AI has dramatically scaled social media scams. Bots generate thousands of convincing fake profiles with AI-generated photos (identifiable by subtle artifacts in hair, jewelry, and backgrounds), AI-written bios, and automated engagement patterns. AI-generated comments and reviews create an illusion of legitimacy around scam accounts and fake products.

Deepfake technology enables celebrity impersonation at scale. Live-streamed deepfakes of public figures promoting cryptocurrency scams have appeared on YouTube and other platforms, convincing victims that real celebrities endorse the schemes.

Building Skepticism Without Paranoia

The goal is not to distrust everything on social media but to apply appropriate skepticism to interactions that involve money, personal information, or clicking unfamiliar links. Verify extraordinary claims through independent sources. Check profiles for signs of authenticity (post history, follower engagement patterns, account age). Never send money based solely on a social media interaction without independent verification through a different channel.