Whether it's to make a profit by selling your data, to scam your contacts on your social media accounts by impersonating you, or to steal your identity and apply for documents and obtain accounts in your name, there's a few reasons why scammers want your social media account.
Read on to find out what to do if your social media account has been hacked.
‘Despite having two-factor authentication set up, my account was still compromised’
Oliver (not his real name) had his personal Facebook account hacked, despite his best efforts to keep it secure with two-factor authentication and strong, unique passwords.
He thinks scammers gained access by a method known as cookie cloning. Cookie cloning is when a fraudster copies your cookies, which are files about your browsing history and behaviour, such as login details, and can happen when your device is infected with malware.
The hacker linked their fraudulent Instagram account to Oliver’s Facebook profile. Meta, who owns both Facebook and Instagram, promptly disabled both accounts.
‘The situation became catastrophic because Meta bundles business pages with personal accounts. The suspension of my personal account jeopardised my Facebook and Instagram business pages, which are critical to my livelihood.
'Worse still, Meta initiated a countdown to permanently delete my account and all associated assets, which would have erased years of hard work and caused immense financial damage,’ Oliver told Which?.
He also said that he had to subscribe to Meta Verified in order to access human assistance. He told Which?, that without it, he had ‘no customer service, no email support, and no one to escalate issues to.’
Which? contacted Meta and it told us it encourages its users to create strong passwords, enable two-factor authentication and to be suspicious of emails or messages asking for personal details. Oliver did eventually regain access to his account.
Hacked social media account
Last year Action Fraud warned that between August 2023 and August 2024, more than 33,600 people reported their social media and email accounts had been hacked. It added that victims had lost an estimated £1.4 million.
Access to your social media account can be a cash cow for scammers. In some cases, scammers may use the account to try to con your contacts out of money.
One example of this Which? has recently seen involved a scammer taking over an Instagram account to attempt to flog some non-existent Oasis tickets for £150 per ticket. Victims of this scam could have been fooled as the scammer knew lots of details about the account holder and his partner.
An almost-victim of this scam told us that he sensed something wasn't right when his friend refused to call him or at least arrange a call, he eventually concluded it was a scam when the bank details didn't match up and he aborted the bank transfer.
How do scammers hack into your social media accounts?
There are lots of ways that a fraudster can gain access to your social media. The main culprits are:
Phishing websites - Malware Credential stuffing - Brute force - Sim swapping -Recovering hacked accounts
You should also notify your contacts that your account has been hacked and they should ignore any messages requesting money or information.
To keep your social media accounts secure, never click on links in messages or be tempted to enter your details into a website you've been directed to from a text or email.
source https://www.which.co.uk/news/article/why-scammers-want-access-to-your-social-media-account-aNuBO3D2kuZr