Cyber security experts are warning that hackers manipulating social media profiles and even faking serious illnesses to target your friends.
Austin neighborhood resident Adan Rodriguez's Facebook account was taken over and used to fool his friends into donating money with a fake post about him battling cancer.
"A friend of mine called me at 11:30 at night and tried to check if I'm okay," he said. "He was calling in tears with a box of tissues and he called me the next morning saying, 'are you okay?' and I'm like, 'yes, I'm fine.'"
Rodriguez said his friends got their money back from Facebook and he now realizes his password wasn't strong enough.
"The scammer had my Facebook," he said. "And I was in shock, like, heartbroken."
Here's how to keep your social media account from being hacked:
- If you don't have 2-factor authentication enabled on your social media accounts, do it right now.
- Make sure you have strong, different passwords to prevent hackers from gaining access to multiple accounts if they somehow infiltrate one.
Security experts are also warning about another major security threat, your account can get hacked through phishing links.
"He sent me, sent me a message from Instagram to reset my password," explains actress and Beverly resident Darian Tene.
She clicked on that bogus link in a message she thought was from her cousin, then she entered her Instagram password.
"Having my account hacked has really been violating," she said. "It's kind of like something has been stolen from me. I've had that account for 10 years."
Tene is now warning her friends that a scammer has taken over her Instagram account and is using it to rip them off.
"I can't have my reputation being, 'hey, this girl scammed me on Instagram,' because someone is using my face and my name to commit fraud," Tene said.
Lincoln Square resident Lynsie Napier clicked a similar phishing link in an Instagram message.
"It's horrible," she said. "I'm still sad about it."
Now, 5,000 travel blog photos with her daughter are gone.
"I was just scrolling Instagram one day and I received a message that said they noticed suspicious activity on my account and to verify my phone number, so I did that, never received anything, and then my account ended up being disabled," she explained.
Cyber security experts say social media outlets will never send you links asking you to re-enter sensitive information.
You should be suspicious if anyone, even an existing friend, asks you to click on a strange link.
"We've seen a big trend that any platform where you can talk or communicate with somebody, you could potentially be scammed on," David McClellan, from the cybersecurity company Social Catfish, told the I-Team.
He said he's seeing a sharp rise of hacked or fake profiles and warns that those hacked accounts are then used to fool other social media users.
"The person's either trying to get money from you or trying to get you to send money or they're maybe trying to social engineer you to get your information to steal your identity," McClellan said.
"Social media scams are growing and continuing to grow because that's where people are, people are stuck at home now," said Alex Hamerstone, a security expert at TrustedSec.
He added that you should also beware of existing "friends" messaging you saying they have a "new" or "secondary " account.
"The usual line is, 'Hey, I'm locked out of my main account, can you join this one.' You know if they only have a couple of 'friends' on there, then it's probably a scam," Hamerstone said.
All three social media users who reached out to us are locked out of their accounts, saying there are not getting answers from Facebook or Instagram.
"I feel like Instagram, either their response is just way too slow or they just don't care," says Tene.
The I-Team reached out to Facebook and Instagram about all three social media users. Spokespeople told us they would work with the consumers on getting their accounts back.
Expert tips to protect yourself from social media scammers:
1. Set up two-factor authentication - it's the most important thing you can do! Ninety percent or more of hacker attacks could have been prevented with two-factor authentication.
2. Use unique passwords - If you use the same password across websites and accounts, once a hacker has one they have them all. If they can access your social media and your bank account uses the same password, they now have access to your bank account.
3. Try a password manager to account for more complex passwords - all of us have hundreds of passwords making it nearly impossible to memorize them all. To ensure you keep your unique passwords safe a password manager is an effective and helpful tool.
4. Reach out to your friends and family who send friend requests - If a friend or family member is trying to friend you a second time on social media with a new account, reach out and make sure it's really them before you accept. It may be a scammer who cloned their account.
5. Don't follow a possible scammer to another platform - If you are talking to someone on a social media site and they ask to move the conversation to another platform this is a red flag. Most social media platforms can remove scammer's accounts, but once you are off the initial platform it's much harder to be removed or banned, making a successful scam that much easier.
6. Be skeptical of the people reaching out to you on social media - In today's digital age it's normal to establish social connections online. Still, it's always important to be alert when communicating with unfamiliar profiles reaching out to you on social media.