Cybercrime is a growing threat, and new data reveals a worrying trend: social media and email account hacking is on the rise. Action Fraud, the national fraud and cybercrime reporting centre, has seen a significant increase in reports, with 35,434 cases in 2024 compared to 22,530 in 2023. Shockingly, this hacking resulted in nearly £1 million being lost by victims last year.
To combat this, Action Fraud, supported by Meta, is urging the public to take a simple but crucial step: enable 2-Step Verification on all your online accounts.
Why is this happening?
Reports to Action Fraud show that the most common motives behind social media hacking include:
- Investment Fraud: Hackers use compromised accounts to promote fake investment schemes.
- Ticket Fraud: Fraudsters sell bogus tickets to events using stolen accounts.
- Account Theft: Hackers take control of accounts for various malicious purposes.
How Hackers Gain Access
Action Fraud has highlighted two main methods used by hackers:
- On-Platform Chain Hacking: This involves a hacker gaining control of an account and impersonating the owner. They then try to trick the victim's contacts into revealing authentication codes, often one-time passcodes sent via text. This can be particularly deceptive, as people believe they are messaging with a friend. Once they have the code, they can take over the account.
- Leaked Passwords and Phishing: Hackers also gain access through phishing scams or by using passwords leaked from data breaches. This is a common problem because many people use the same password for multiple accounts. If one password is leaked, all accounts using that password become vulnerable.
What You Can Do To Protect Yourself
It's vital to take action to secure your online presence. Here are key steps you can take:
- Enable 2-Step Verification (2SV): This adds an extra layer of security, making it much harder for criminals to access your account, even if they know your password. It's quick and easy to set up on most platforms.
- Create Strong, Unique Passwords: Your email and social media passwords should be strong and different from all your other passwords. A good tip is to use three random words to create a memorable yet secure password.
- Be Wary of Phishing: Be cautious of suspicious emails. Report phishing emails by forwarding them to report@phishing.gov.uk
Words From The Experts
Adam Mercer, Deputy Director of Action Fraud, emphasises the importance of online protection: "As social media and email account hacking remains the most reported cybercrime this year, this Action Fraud campaign marks a critical issue for everyone who has online accounts. That’s why we’re raising awareness of the ways people can protect themselves online. Follow Stop! Think Fraud advice and protect yourself online: enable 2-Step Verification on each online account you have – this will help prove your identity and stop fraudsters trying to steal or access your valuable information. Secure your social media and email accounts by ensuring each password is strong and uses three random words. Remember to never share your passwords with anyone else."
David Agranovich, Security Policy Director at Meta, highlights ongoing efforts to combat scammers: "Scammers are relentless and continuously evolving their tactics to try and evade detection, which is why we’re constantly working on new ways to keep people safe while keeping bad actors out. Two-Factor Authentication (2FA) is one crucial example of how people can add an extra layer of security to their Meta accounts, to help reduce the risk of scammers accessing your accounts. We’ve also started rolling out facial recognition technology to help people get back into compromised or hacked accounts and are always working on new ways to stay ahead of scammers."
Where To Get Help
- Find out how to protect yourself from fraud: https://stopthinkfraud.campaign.gov.uk
- If you’ve lost money or provided your financial information to someone, notify your bank immediately and report it to Action Fraud at actionfraud.police.uk or by calling 0300 123 2040. In Scotland, call Police Scotland on 101.
By taking these simple steps, you can significantly reduce your risk of becoming a victim of social media or email account hacking. Stay vigilant, stay safe online!
Source: Action Fraud (17-03-2025)
