With the rise of social media marketing, account security is now a business concern just as much as a personal one. An estimated 160,000 Facebook accounts are hacked every day, and hackers can access any social media account in less than 60 seconds with the right information. One of the most popular hacking techniques is the phishing scam – a fake email sent from what appears to be a social media company claiming some incident has taken place and that they need you to “input your info,” “verify your account,” or take some other similar action. Recent estimates claim global losses due to compromised emails average around $9B a year.
So, how can you tell the difference between a real email and a phishing one?
Looking at Meta’s Facebook specifically, here are a few ways you can tell the difference between a real email and a phishing email.
First, check to see if the email comes from one of Facebook’s verified email addresses: facebook.com, fb.com, Facebookmail.com, or firstname.lastname@example.org. Click the dropdown and verify that the displayed email matches the sender to be certain. Facebook also keeps a list of every email they send you. If you are unsure if a Facebook email actually came from Facebook, then verify it yourself.
Go to your account settings > Security and Login > See Recent Emails from Facebook > View
Just like Facebook, Instagram tracks the emails it sends you, but only for the past 14 days. Open Instagram, go to settings, click “Emails From Instagram” and check to see if they sent you that email. That’s it.
In the email itself, hover your cursor over the link. Where does it take you? If it is a long link that does not resemble the sender’s address, then don’t click it. Also, look at these commonalities found in many phishing scams:
- It’s not personally addressed to you
- The subject line is overly positive
- You can tell it’s trying to get an emotional reaction from you
- It’s asking for private financial information
- It’s using “act now,” “immediate,” and other time-sensitive verbiage
If an email doesn’t feel right, then don’t click it. Verify the legitimacy of every email that asks for information, claims your account has been hacked, or anything similar.
The first step to social media security is not giving your information away. You will most likely receive – if you haven’t already – a phishing email. Follow these precautions and take a minute to verify emails yourself.