How To Avoid the 9 Worst Social Media Scams of 2026

How Common Are Social Media Scams?

Social media sites like Facebook, Instagram, and TikTok might not be where the most scams take place — but they are where victims report losing the most money to scammers.

According to new data from the Federal Trade Commission (FTC), social media scams cost Americans over $2.1 billion in 2025 alone — more than any other contact method.

Social media provides scammers with easy access to billions of potential victims. But the best thing you can do to stay safe is learn to recognize the warning signs of common social media scams.

The 9 Latest Social Media Scams To Avoid in 2026

Losses from social media scams have increased eightfold since 2020, with nearly 30% of all people who reported getting scammed saying it started on social media (and the majority getting scammed on Facebook).

Here are the latest and most common scams targeting people on social media sites according to the FTC, FBI, and Better Business Bureau (BBB).  

1. Fraudulent investment opportunities

Fake investment opportunities were the most dangerous scam overall in 2025, with victims losing nearly $8.7 billion, according to the FBI.

Investment scams on social media can take multiple forms — from deepfake endorsement videos of celebrities and public figures (like Elon Musk), to social media ads and Telegram and WhatsApp groups sharing help from investment “gurus”.

Whatever the approach, the end game is the same: trick you into sending money to a scammer, investing in a fake cryptocurrency exchange, or pay “fees and taxes” to release non-existent gains.

How to stay safe:

• Due your due diligence on any investment advice. Unsolicited investment advice or “tips” from anyone online should be treated with extreme caution. Make sure you understand what you’re investing in (especially when it comes to cryptocurrencies) and the associated risks.
• Don’t trust immediate returns. Scammers often play the long game by releasing small “gains” in order to manipulate you into investing more (known as a “pig butchering scam”).
• Remember: There’s no such thing as a “risk-free” investment. Scammers will promote low-risk and “get rich quick” investments. But don’t get fooled into thinking you’re found a “secret” asset.

2. Fake shopping ads

Shopping scams were the most-reported type of social media scam in 2025, with nearly 40% of all victims purchasing counterfeit items or not receiving products they paid for.

Scammers take advantage of the same tools provided to legitimate online stores and retailers to serve targeted ads for luxury items, clothes, and other products at deeply discounted rates or with “limited-time offers”. But the ads are linked to fake websites or ones made to look like legitimate online stores, but that steal your money and financial details.

How to stay safe:

• Shop directly with trusted retailers. If you see an ad for a retailer, visit their site directly. You can often request the same discount listed on the social media ad by reaching out to their support team.
• Research sellers and stores. If you’re looking to buy a specialist item or just want to support a smaller store, search for known scams. For example, search for “[brand name] + [scam/reviews/legit]” on Google or the BBB’s Scam Tracker to see if anything comes up.
• Look for warning signs of a scam. This can include pixelated or AI-generated images, poor grammar and spelling, or requesting payment via non-traditional methods, such as gift cards, wire transfers, and cryptocurrencies. And remember: Too-good-to-be-true deals are often just that.

📚 Related: What To Do If You’ve Been Scammed on Facebook Marketplace →

3. Romance scams

Fraudsters pose as potential romantic interests or even friends on social media sites in order to gain your trust before requesting money and favors or launching into other schemes (such as investment scams).

Once they initiate a romantic relationship, they’re very forward and “love bomb” their victims — quickly telling them that they’re in love and asking to move the conversation to a different platform or even meet up.

How to stay safe:

• Limit who can see your posts and profile. Romance scammers can use the information in your profile and social media posts to tailor their scams, using personal details to manipulate you into thinking it’s a true connection. Tighten up your privacy settings to ensure that only trusted friends and contacts can see your profile and posts.
• Beware of anyone asking for money online. An online connection asking for money is an immediate red flag. This includes gift cards, cryptocurrency, and other forms of payment.
• Check for fake profiles. Fraudsters use stolen or AI-generated profile photos to target victims. Pay close attention to photos that look too-good-to-be true. To be absolutely sure, use a reverse image search tool like TinEye to see if the photos were stolen from another profile or site.

4. Job offers and business opportunities

Fraudsters create fake social media accounts to promote remote job opportunities, promising that you can make easy money. Scammers have two objectives when running a job scam:

1. Get money from you. A scammer will give you the job, but only if you “buy the equipment” first.
2. Get information from you. Scammers will send you a job application in hopes that you’ll fill it out and give away private information, such as your Social Security number and home address.

How to stay safe:

• Research the supposed opportunity. Always research companies to which you’re applying, and make sure they’re legitimate. You can check reviews on sites like Glassdoor, or search for the company name on the BBB website.
• Don’t pay for training or equipment upfront. Legitimate companies should provide you with everything you need to get started on a job. Also, beware if you’re sent a check for a large amount and told to deposit it and then send some of the money back to the employer. This is a classic bank scam.

⛳️ Related: How To Quickly Identify a Scammer →

5. Fake rental listings

A recent analysis from the FTC found that Americans have lost over $65 million to rental scams — with the majority of those scams taking place on Facebook. Fraudsters copy legitimate rental listings and then pressure victims to pay upfront “deposits” to hold the rental or book a viewing.

How to stay safe:

• Beware of online or self-guided tours. Scammers won’t meet you in person and will instead insist on a virtual tour or send you information from a legitimate listing that is hosting self-guided tours to make it seem more legitimate.
• Don’t send personal information before confirming the rental. This is especially true for sensitive information, such as your SSN, paystubs, bank account information, or photos of your driver’s license.
• Don’t click on links to “free credit score” checks. Some scammers may request that you sign up for a “free” credit score check and send over a suspicious link. In reality, these services sign you up for a recurring charge, and the scammers takes a commission.

6. Social media account takeovers

Account takeover fraud occurs when hackers gain access to someone’s social media profile. They may trick you into giving up access, use a phishing attack to steal your password, or simply buy your login information off the dark web.

Once they gain access, scammers will use these accounts to post about fake investment opportunities, share links to phishing sites, gather personal details from their victim’s friends and family members, or even gain access to other online accounts (for example, by using “sign in with Facebook”).

How to stay safe:

• Secure your social media accounts. Use strong and unique passwords for each account and enable two-factor authentication (2FA) whenever possible. Most services include some form of “security checkup” tool.
• Check if your passwords have been leaked. Run a free dark web scan to see if your credentials have been leaked in a recent data breach.
• Beware of friends suddenly changing their posting behavior. If someone reaches out to you out of the blue or starts posting about giveaways or investment opportunities, their account may have been hacked. Try messaging them on a different platform (or via text/phone call) before clicking any links or sharing information.

⛳️ Related: How To Recover a Hacked Facebook Account →

7. Scam giveaways, contests, and sweepstakes

In this type of scam, fraudsters send direct messages to say you've won a prize. But to receive it, you must first pay or provide financial information. While giveaway scams are sometimes random, other times scammers reach out to people who comment on legitimate contests to trick them into thinking they’ve won.

How to stay safe:

• Never pay for a prize. No credible lottery or sweepstakes requires you to pay for taxes, shipping, or processing fees. It’s illegal to request money for sweepstakes.
• Check the sender’s profile. If you really have entered the lottery or sweepstakes, ensure that the person contacting you is legitimate by reaching out to the company directly.

8. Brand and celebrity impersonation scams

Scammers create imposter social media accounts using someone else's name, photos, and other identifying information. This could include friends and family members or celebrities and other public figures.

Impersonator accounts may request money, send links for phishing scams, or post fake giveaways and prizes.

How to stay safe:

• Be realistic. A celebrity or influencer is likely not messaging you to ask for financial help. Always conduct an additional search to see if you can find a verified account for this person, or an account that displays more followers, content, and engagement.
• Check the profile. Look for warning signs, such as if the account is not verified — especially if it normally would be (i.e., a celebrity or influencer) — or if it comes from a “lookalike” social media handle purposefully meant to mislead you into thinking it could belong to the real person.

⛳️ Related: How To Protect your Personal Information on Social Media →

9. Phishing attacks with links to malware or fake websites

Phishing attacks occur when scammers reach out directly to trick you into giving up sensitive information or giving them access to your accounts. One common tactic on social media is direct messages from a friend or stranger that says something like, “Is this you in this photo?!” alongside a link.

There are numerous other types of phishing attacks, but the most common on social media include links to fake login pages or that even download malware to your device.

How to stay safe:

• Don’t click on suspicious links. On desktop devices, you can hover over links to see where they’re trying to take you. On mobile, it’s a bit harder, requiring a “long press” to see the URL and a preview of the page.
• Never provide passwords or authentication codes. Phishing attacks may impersonate customer support or other authorities and ask for your password or 2FA codes. Legitimate support agents will never ask for sensitive information like this.
• Make sure you’re on a company’s official website. If a link takes you to a legitimate-looking login page, don’t enter your information. Instead, open a new tab and navigate to the official website directly.

How To Identify a Scammer on Social Media

• It’s a brand new social media profile with little content or few friends. The average Facebook user has around 150 friends. Regardless of the platform, if an account has fewer followers than that or is very new, it could be a scammer.
• The profile belongs to someone with whom you thought you were already friends. Scammers create “cloned” profiles to impersonate your friends and contacts.
• You receive a random message with a link in it. Never click on links or engage with unsolicited direct messages (DMs). This is how scammers trick you into going to fake websites or downloading malware onto your device.‍
• You’re asked to send money online (via gift cards, wire transfers, payment apps, etc.) or invest in cryptocurrency. This is the #1 red flag that you’re dealing with a social media scammer. ‍
• Posts or ads promoting a deal that seems too good to be true. Low prices or hard-to-find items that are readily available are major warning signs of a scam. When in doubt, follow best practices on how to shop online safely.‍
• The person insists on taking the conversation off social media and asks you to text them. This allows them to bypass the security measures provided on most social media sites (or continue the scam if their account gets reported and banned).

What To Do If You’ve Been Scammed on Social Media

If you’ve clicked on a suspicious link, provided information to a shady account, or sent money to someone you think is a scammer, you need to act quickly to minimize the damage.

• Secure your accounts. Request a password reset and then log out of all sessions to kick scammers out of your account. Make sure you update your password and backup contact details, and enable 2FA. Need help? Follow the steps of what to do if you think you’ve been hacked.
• Contact your financial institutions. Inform your bank or cryptocurrency exchange of the scam and ask to speak to their fraud department.
• Freeze your credit. Contact each of the three credit bureaus (Experian, Equifax, and TransUnion) to prevent scammers from using your financial information to open new accounts or take out loans.
• Report the crime. You can report scam accounts to each social media platform and details of the crime to the FTC at ReportFraud.ftc.gov. If you gave out sensitive information, file an official identity theft affidavit at IdentityTheft.gov.
• Scan your devices for malware. Clicking on malicious links can infect your devices with viruses. Run an antivirus scan or perform a factory reset to try and remove any.

For added protection, consider signing up for Aura’s all-in-one digital security solution to keep you and your family safe from scams.

With Aura, you get #1-rated identity theft protection, 24/7 credit monitoring, proactive digital security tools — including antivirus software, virtual private network (VPN), password manager, and more — as well as $1 million in insurance coverage for eligible losses due to identity theft.