So you’ve been targeted by a social media scam. Now what?

So you’ve been targeted by a social media scam. Now what?

This post is part of a series on cybersecurity. Check out part one of the series.

Last week, we spoke with Steve Biswanger, President, CISO Division of CIO Association of Canada, about social media scams to watch out for – and what not to do if you encounter one. 

So what should you do instead? And is it possible to avoid these scams altogether?

Steve gave us tons of tips on dealing with social media scammers – keep reading to find out how to protect your brand.

cyber security

Is it possible to avoid social scams?

Unfortunately, it looks like social media scams aren’t going anywhere anytime soon.

“It is almost impossible to avoid phishing altogether,” says Steve. “It costs almost nothing for scammers to message a million people. Even if only a handful respond, they can still make money – so there are millions of people trying new scams every day.”

Instead of worrying about encountering scams, Steve says the best approach is to minimize the damage, should it happen to you. When it comes to cybersecurity, he suggests a few simple but effective tips.

First of all, make sure to set up multi-factor authentication on your accounts. “This means you need to use your password and ‘something else’ to log in with,” Steve says. “This could be a one-time code sent to you via email or SMS (but don’t use SMS if you can avoid it), a one-time code generated in Google Authenticator, or a popup notification on your phone asking you to confirm the login.”

But don’t just stop there. Steve also suggests using different passwords for every one of your accounts – that way, if there’s ever a data breach on one, you won’t have to change your passwords on the rest. Password managers like 1Password or LastPass can make this process a breeze.

social media scams phishing

Your anti-scam game plan

While it’s easy to fall prey to a social media scammer, there are many things you can do to take control of the situation. So what’s the first step?

“Do not panic,” Steve warns. “The best attacks feel like they were sent directly to you and appear to be time sensitive, encouraging you to act before thinking.”

Scammers often send messages that appear to be from sources you trust, like your bank or your Amazon account. Before responding, take a moment to consider if the message actually makes sense.

“If you are uncertain if the message really came from your bank, Facebook, FedEx, etc., reach out to them through ‘normal’ channels,” Steve says. “If you received something on Facebook Messenger asking you to log in and confirm your credentials, don’t click on the link provided. Go to the regular login page and check there.”

Steve also notes that most social media attacks are sent to millions of people at a time, and social media platforms will list the most common ones on their websites. It never hurts to notify the platforms of scams, and save others from being targeted as well.


Social media marketing is incredibly powerful, but the chance of running into an online scam is always present. Luckily, the more you know about social media scams, the better equipped you’ll be to protect your brand. Thanks again to Steve for all of these game-changing cybersecurity tips!

Post A Comment