Social Media Phishing Alert

Its common that emails, text messages and phone calls are used by criminals to approach people, however we also see that people become victims of crime due to SOCIAL MEDIA PHISHING.


Social media phishing can present itself as a link in a tweet, or a post on your social media or video hosting site. It can also be in a direct message advertising a gift or special offer, or ironically warning you to take action to avoid some kind of financial loss. These messages can be sent using common social media messaging apps such as WhatsApp and Facebook Messenger.

How to avoid being a victim?

Do not click on links in posts, tweets or direct message unless you are 100% certain that they are genuine and well intentioned.

Ask yourself if somebody genuine would really contact you in this way with this information.

Recognise threats of financial issues or offers that seem too good to be true, for what they really are.

Even if the post or tweet seems to come from someone you trust, their account may have been hacked or spoofed. If the post seems out of the ordinary, it is likely that it has been hacked.

If the approach is via Twitter, note that accounts of legitimate businesses usually feature a blue ‘verified’ tick to indicate that the account is authentic. They will also never request login credentials.

If you are suspicious of the post, contact the company/person directly through different means such as a telephone number or email address. Legitimate organisations will be happy to advise if the post is legitimate.

If you have been a victim of social media phishing, report it to the social media network via the reporting mechanisms on the site or app. If you have lost money as a result of social media phishing, report it to Action Fraud on 0300 123 20 40, or via the website at

Message Sent By
Katie Cain (Police, Cyber Harm Reduction, Durham)