Since 2017, the fastest-growing age bracket to fall victim to scams has been 20- to 30-year-olds. This age range, encompassing millennials and Gen Z adults, relies heavily on social media as a primary source of communication.
The numbers come from a 2022 report by the Federal Trade Commission (FTC). In 2022, over 95,000 individuals reported losses to fraud in exchanges that originated on social media, accounting for about 25% of all reported losses to fraud in 2021. Nearly nine out of 10 scam victims named either Facebook or Instagram as their platform of choice.
According to the FTC, cybercriminals use social media due to the low cost and user ability required to engage with large pools of people. Add to the mix the level of personal disclosure commonly found on social media, and offenders have more to pull from.
“The more trusting online that you are, [the higher the risk],” said Drew Scown, supervisory special agent for the FBI’s Salt Lake City division. The Bureau maintains a list of the most common forms of scams seen today, and two of those – romance and employment – are of particular concern for young adults.
Romance scams
Romance scams draw victims to fictitious profiles in a process known in popular culture as “catfishing.” Cybercriminals engaged in romance scams secure the confidence of their victims, capturing their trust before emptying their accounts.
In a YouTube video hosted on the FBI’s website, Jule Albretsen of the FBI’s Salt Lake City division gives tips on how one can protect themselves in cases of possible romance scams.
“Be cautious if they seem too good to be true,” Albretsen says. “Go slowly and ask a lot of questions, and never send money to someone you haven’t met in person.”
Vigilance is vital when it comes to online dating, said Dr. Hau Moy Kwan, associate professor of computer sciences and information systems at Salt Lake Community College. She added that reverse internet searching can be useful when attempting to confirm the genuineness of an online profile.
“However, con artists are aware of these resources and could take measures to hide their tracks,” Kwan noted.
When exploring online dating, Kwan advises people to stick to reputable platforms, avoid sharing sensitive information, and report suspicious activity. While scammers may employ strategies to thwart verification efforts, Kwan reaffirmed that not all online profiles are fake. Regardless, she said to always approach online interactions with caution.
Scown said online romance scammers generally look for loneliness in their victims and “play on those emotions.”
Employment scams
The FBI’s 2022 Internet Crime Report (IC3) recorded nearly 15,000 total employment scams, totaling over $52 million in losses incurred by individuals who were seeking work.
The IC3 details one type of employment scam in which a criminal will draw in their victim by posting fake online listings for fictitious positions at investment firms or companies that are otherwise associated with investing. Then, rather than offering them a job, the criminal provides their victim with investment guidance, while their online correspondence is “designed to retrieve as much money from the target as possible.”
“Unfortunately, job and employment fraud has increased on several social networking sites, including Instagram and LinkedIn,” Kwan said. “Scammers frequently prey on those [who are] looking for better employment possibilities or [are] unhappy with their existing workplaces.”
With investment scams, Scown said that criminals are also often looking to “play on someone’s potential greed.”
Kwan again recommends people use reputable platforms, especially when looking for work online. She also said to make sure one thoroughly researches the organizations they’re applying to and checks the validity of associated contacts.
Other ways to stay secure
For further, more general protection online, Kwan advises the public to employ various security measures to mitigate the opportunities that scammers have. These security strategies include:
- Unique passwords for each account
- Two-factor authentication
- Email filtering and antivirus software · Firewalls
- Receiving security awareness training
- Using secure Wi-Fi connections
- Adjusting privacy settings on social media sites
- Verifying the legitimacy of emails
While taking such precautions can help protect individuals’ accounts, Kwan said it’s for the public to stay informed about the latest security measures and remain reasonably cautious.
“Remember that scammers are continually evolving their tactics, and some are skilled at creating convincing deceptive links,” she said. “Vigilance and caution are your best defenses against falling victim to such scams.”
Techniques that scammers often use, according to Kwan, are URL spoofing and typo squatting, which create misleading links and email addresses that appear legitimate at first glance. Further examples include misspellings, subdomains, hyphens and underscores, and the transposition of letters.
The “HTTPS” indicator found at the beginning of common URLs works to signal authenticated web communication and data encryption, enhancing trust and credibility. However, scammers can still acquire “HTTPS” addresses and use them to create convincing phishing websites.
“Having an ‘HTTPS’ address does not necessarily guarantee the legitimacy or safety of a website,” Kwan explained, adding that users should always be wary when clicking on dubious links.
When asked about the future of scamming, Scown said “[artificial intelligence] will change how scammers handle their business. With AI, [cybercriminals] can connect faster and with a lot more people.”
Regardless of the scamming method, Scown maintains that, either now or in the near future, the reporting of cybercrimes will prove critical in helping to stop scammers.
“It’s always important to report a scam, [because] law enforcement can inoculate you from further scams,” Scown said. “Education is key to preventing loss.”