We earn a commission from brands listed on this site. This influences the order and manner in which these listings are presented.
Advertising Disclosure

How to Protect Yourself from Social Media Identity Theft: Expert Advice

Erin Donaghue - Top10 Writer
A woman looking at a cell phone, surprised by a breach.
Social media is a great way to connect with friends and family globally. But it's not without risks.

Social media ID theft, among the main types of identity theft, is becoming a bigger problem. According to a 2023 Identity Theft Resource Center report, social media account takeovers increased by 1,000% over a year.

In 2017, musician Lukas Nelson—son of country singer Willie Nelson—warned his Facebook followers that someone posing as him was reaching out to his fans on social media and asking for money or personal contact information. This is a stark reminder for social media users and music fans about how imposters seek to gain victims’ trust before stealing their money.

» Check out how hackers can steal your personal identity and how to prevent this.

How Social Media Identity Theft Works

Typically, social media identity scammers pretend to be someone else by creating a fake, nearly identical account or taking over someone’s social media account after gaining access to their username and password.

Many times, these scammers are aiming to steal money, but access to your social media account means that can use an array of personal information for other ID theft schemes, like:

  • Birthday
  • Address
  • Phone number

Facebook, Instagram, and Twitter are commonly targeted by scammers, most likely because of the number of users with large followings. Once a scammer has accessed an account, they can wreak havoc by:

  • Sending links with malware
  • Requesting money
  • Sending links to their own accounts via direct message to each follower

When many people use the same password for multiple social media accounts, an incident like the 2021 Facebook data breach leaves someone with compromised information vulnerable to takeovers on other platforms. To safeguard your online identity, consider the following measures: which of these should be done to protect your identity when creating a social media profile?

Since reversing the damage can be challenging once your account has been stolen, let's explore expert tips to protect yourself from social media identity theft.

1. Limit Public-Facing Information

When it comes to popular social media platforms such as Facebook or Instagram, a crucial aspect to consider is managing the visibility of your personal information.

By taking advantage of the privacy settings available, you can exert control over what details are accessible to individuals who are not directly connected to you on these platforms.

To foster a safer online experience, it is prudent to exercise caution when sharing personal data, particularly sensitive information like your place of residence.

Publicly available data can inadvertently empower scammers to exploit it for malicious purposes, such as crafting fake accounts or attempting to guess your password.

A computer keyboard that says

2. Make Sure Your App and Software Are Updated

To ensure your online safety, it's important to keep your social media app on your phone, as well as your computer's operating system and antivirus software, up to date. You can choose to enable automatic updates for convenience.

By doing so, you allow developers to address any security flaws that scammers might exploit. Regular updates can prevent problems before they occur as developers work to fix vulnerabilities and ensure your protection.

Updating your software is a simple yet effective way to enhance your online security and enjoy a safer digital experience.

3. Limit Third-Party Social Sign-Ins

While it might be tempting to quickly sign in to a third-party app using your Facebook account, this can increase your risk of an account breach. That's because if the third-party app is hacked, the hacker may have access to your Facebook account information as well.

Restricting the number of third-party websites accessing your data will make your information safer.

4. Be Cautious of Links From "Friends"

If you receive a link or a request for money from a friend's account via direct message on social media, remember that the person may have been hacked. GoodFirms research shows that 21% of survey respondents lost money due to a social media scam.

To avoid falling into this percentage, reach out to the friend via text or a phone call to alert them to the message and ask if it's legit. It's a good practice to never click on any suspicious links to avoid malware or phishing attacks.

» Worried about online shopping? Check the best identity theft protection for online shoppers.

5. Enable Multi-Factor Authentication

One great way to protect your data online is to enable "two-factor authentication" when you sign in to your social media account. This adds an extra layer of security, such as a fingerprint scan or a code, before you sign in with your password.

You can also try a token-based system, where an authentication app generates a one-time, time-based code to enable login rather than a text-based code. That's because scammers can sometimes take over mobile phones to leverage mobile authentication systems.

6. Avoid Logging in on a Public Wi-Fi Network

Logging in to a social media account, or any account, on a public Wi-Fi network can leave your password vulnerable to identity thieves.

Protect yourself while on the go by using a virtual private network (VPN) or your phone's mobile network. But try and avoid the free VPNs many mobile devices come with, as there's been reports of user tracking and other security concerns.

7. Consider a Password Manager

Protect your social media accounts by ensuring each one has a strong password that's unique from your other accounts.

Remember, if one of your accounts is hacked and you're using the same password for your other accounts, those will be vulnerable, too. A password manager can help you keep track of all that data and improve security often through advanced encryption.

A person holding a tablet with a padlock on it, updating their online security measures.

8. Auto-Lock Your Devices

You can use the auto-lock feature on your computer, tablet, or smartphone. This will require another sign-in after the device has been left idle for a specified period of time.

Identity thieves need just a few minutes with your device to steal important personal information, even if it's only when you leave your laptop unattended in the coffee shop while you use the bathroom. Auto-locking creates a barrier to help keep your information safe.

» Discover ways to protect yourself from phishing attacks.

9. Never Share Your Passwords

Never share your passwords with anyone, even if it's someone you believe you can trust. Although the majority of identity theft crimes' perpetrators are unknown to victims, there is a percentage of friends, spouses, roommates, or family members who may try to infiltrate your personal and financial information.

To ensure maximum information protection, avoid sharing your passwords with anyone.

10. Ignore Messages & Friend Requests From Strangers

If you receive a message or a friend request on social media from someone you don't know, ignore it. This person may be attempting to target you for a scam. You can even make your account private.

By limiting your online connections to people you know, you remove some risk of security weaknesses since this allows better control over who sees your online content and who interacts with you on social media.

a person holding a cell phone, putting their social media account on private.

Don't Fall Victim to Social Media ID Theft

Social media identity thieves exploit people's trust in their friends and connections online. Be cautious and follow your intuition if a message from a "friend's" account could be a scam. Consider our preventative tips and look into identity theft protection services like Norton and IDShield.

But if your account is already hacked, change your password immediately, contact your financial provider (if there's been a breach of your bank account or misuse of your credit card), and notify your contacts to avoid more people being victimized.

» Want to know more? See these 10 things to do if you've fallen victim to identity theft.

Erin Donaghue - Top10 Writer
Erin Donaghue is a criminal and social justice reporter, with an MA in journalism and over a decade of experience reporting and editing for various news outlets. In addition to Top10.com, Erin's work has been featured in publications such as the Washington Post, USA Today, CBSNews.com, and Huffington Post.