You’re scrolling Instagram during your lunch break when you spot an enticing giveaway from your favourite brand. Or, perhaps you come across a familiar face touting a “can’t-fail” new investment strategy; the returns look tempting, and the presenter is a trusted television personality.
There’s just one problem: Both these “opportunities” are actually carefully crafted cons. One quick tap later, and you’ve handed your login credentials or credit card info to a criminal halfway around the world.
Such scenarios play out millions of times each month, and these schemes are only becoming more common. According to Bitdefender’s 2025 Consumer Cybersecurity Survey, which polled more than 7,000 consumers across seven countries, social media has now overtaken email as the top scam delivery channel, with 34 percent of victims reporting they’ve been targeted via a social platform (compared to 28 percent via email and 26 percent via phone call).
In the UK, the stats are just as stark. Research from Juniper Research found that UK social media users were exposed to an average of 185 scam adverts every month in 2025, collectively losing £44 million as a result. Data by Good Money Guide from Action Fraud shows that UK consumers have forfeited £214 million to financial fraud on social platforms over the past five years.
Here’s what you need to know and some steps you can take to protect yourself during your next scrolling session.
Social Media Platforms Are Profiting
The economics here sadly don’t favour users; many platforms are financially benefiting from the uptick in scams. The Juniper Research study found that social media companies reportedly earned £430 million in UK ad revenue from advertisements later identified as fraudulent in 2025 alone (a 56 percent increase on 2022 figures). Analysts estimate that roughly one in ten adverts shown to UK users may now be linked to scams.
Making matters worse, scam ads generate revenue for platforms before they’re reported and removed, if they’re removed at all. In a system where the onus of reimbursement falls on banks rather than platforms, social networks have little motivation to act quickly. A number of UK banks have publicly called for regulation that would make platforms financially liable for fraud that originates on their services, but until liability shifts, users must be prepared to act as their own first line of defence.
Different Platforms, Different Targets
Not all social platforms play host to the same types of traps. The Bitdefender survey found a clear generational split in how nefarious actors target their victims: younger users are primarily hit via TikTok, Instagram, and WhatsApp, while older demographics are disproportionately targeted through Facebook and WhatsApp. Barclays’ fraud data backs this up, finding that social media is the biggest scam source for Gen Z consumers, accounting for 58 percent of cases in that age group compared to 45 percent across all generations.
As Bitdefender’s research highlights, fake giveaways on Instagram are a prime example of how these attacks work in practice. In these efforts (like the first scenario detailed up top), a harmless-looking prize draws users into a full account takeover.
The Contradictory Way Consumers Consider Privacy
Research into how consumers tend to use social media highlights a core contradiction, often referred to as the “privacy paradox”: people deeply distrust many of the world’s biggest social platforms, yet they spend hours on such sites each day. Bitdefender’s survey found that more than half of respondents say they do not trust X/Twitter (52 percent) or TikTok (51 percent) at all, and nearly half view OpenAI with suspicion (45 percent). Yet these sentiments do little to curb platform use, which only continues to grow. It’s a dynamic that scammers both understand and rely on: the platform doesn’t need to be trusted for a phishing message or fishy advert to land with users.
The verification badge problem compounds this. What was once a reliable shorthand for legitimacy has become an exploitable tool. Paid verification on platforms like X means that those once-sought-after blue ticks can be acquired with a subscription as low as a few pounds each month. Bitdefender’s own research into Instagram giveaway fraud found that attackers routinely use verification badges to lend credibility to fake accounts, yet many users still treat the badge as a green light.
AI Is Making Scams Harder to Spot
If the scale of the problem wasn’t alarming enough, the quality of social media scams is improving rapidly, thanks to AI. Three in four UK adults told Barclays that AI has made online cons more convincing. Bitdefender’s survey found that 37 percent of consumers globally cited the use of AI to create difficult-to-detect deceptions as one of their biggest concerns about the technology.
Criminals are now using generative AI to enhance the sophistication of fraud attacks, deploying deepfake video and voice cloning to execute impersonation scams at scale. Con artists can also use the technology to adapt their campaigns to specific demographics, serving tailored content to younger TikTok users and more traditional-looking investment fraud to older Facebook audiences.
How to Protect Yourself
While awareness is the first step, a few simple habits can go a long way toward protecting yourself and your family on the sites you use every day:
Don’t Trust the Advert, and Verify the Source. If an investment opportunity or celebrity endorsement catches your eye on social media, close the app and search for it independently. Legitimate opportunities don’t disappear if you take five minutes to check them out.
Don’t Let a Verification Badge Lower Your Guard. Ticks and badges no longer reliably indicate a trustworthy account. Check the account’s full handle carefully, look at how long it has been active, and be sceptical of accounts with large follower counts but sparse or inconsistent post history.
Treat Urgent Requests With Suspicion. A false sense of urgency is a common manipulation tactic. If a brand, delivery service, or financial institution genuinely needs to reach you, they have your contact details and don’t need you to act within the hour.
Verify Before You Act. If someone contacts you via social media or WhatsApp with an unexpected request, even if the account looks familiar, confirm through a separate, trusted channel before responding or sending money. AI voice and video cloning mean that what you hear and see can no longer be taken at face value.
Use Dedicated Security Software. A security solution with anti-phishing and anti-fraud capabilities — particularly one that covers your mobile, where so much of this activity now originates — can prove a lifeline when good habits alone aren’t enough. Tools like Bitdefender Scamio and Bitdefender Security for Content Creators are examples of solutions that can catch what the naked eye increasingly cannot.
Bad actors have moved from platforms like email to the places people spend the bulk of their time online, and they’re armed with technology that’s getting more advanced every day. It’s all of our responsibility to make their job a little harder — and having the right tools in your own corner can’t hurt.
Explore Bitdefender’s suite of home security solutions to stay ahead of social media scams and the latest AI-powered threats'