logo
https://whitelabel-manager-production.ams3.digitaloceanspaces.com/thumbs/2-x1-article-header-image-603fc.jpg_800x.jpg
March 3, 2021
Author: James Greening
Type:
Scam Trends

Buying & Selling Social Media Accounts: An Open Secret

Pretty much every person has at least one social media account - be it Facebook, Instagram, Twitter, Pinterest, LinkedIn or any of the countless others. It is free to create an account on these websites. Yet, there are secret marketplaces hidden in plain view that are engaged in the buying and selling of social media accounts. In this article, we shall take a look at why these marketplaces exist. 

Looking at the Terms of Service and User Agreement documents of various social media sites, we can clearly see that accounts are not to be bought or sold for any reason. These are the policies of some popular social media sites:

Facebook:

policy-1-fb-603fc.PNG

Instagram:

 
policy-2-insta-603fc.PNG

Twitter:

 
policy-4-twitter-603fc.PNG

Linkedin:

 
policy-3-linkedin-603fc.PNG

Despite the Terms of Service documents of all the social media websites clearly mentioning that buying and selling of accounts is strictly disallowed, social media marketplaces are thriving due to the considerable demand for purchasing accounts. Delving deeper into this world, we find that the accounts are often used for nefarious purposes.

How are social media accounts acquired?

There are two ways in which social media accounts are acquired. The first way is through sellers who make an income by ‘flipping’ accounts ie. taking an account with a low follower count, increasing the followers and then selling it off. Though it may sound harmless, the tactics used by ‘flippers’ are almost always spammy, if not scammy. 

For example, they might post fake giveaways to urge people to follow the account and invite others to do the same to win a non-existent prize. They even impersonate celebrities to quickly gain followers before putting the account up for sale. After being sold, this account then undergoes a complete makeover in terms of the page details, profile picture, etc. and all the previous posts are wiped. 

The only thing that remains from the account’s ‘previous life’ are the followers, who may not even realize that the page that they followed earlier now has a completely different identity.

The second way, which is more common, is by buying hacked accounts from ‘resellers’. As many people make the cardinal internet sin of using basic passwords so that they don’t forget them, hackers can easily make their way into the accounts by trying common passwords such as 123456, qwerty, password123 and similar ones.

They can also perform a ‘brute force’ attack by trying thousands of password combinations within minutes using specialized software. As most users neglect to enable two-factor authentication, it just makes the job of hackers easier. Once they gain access, they simply change the email ID and password, thereby locking out the original user. 

Rarely, hackers manage to access the database of a social media platform directly and steal the account details of thousands, if not millions, of users. One of the largest data breaches of all time occurred in 2016, in which hackers got their hands on the details of 412.2 million accounts on the social networking service Adult FriendFinder.

How are the accounts bought and sold?

Surprisingly, the sale of social media accounts is not a clandestine activity that is relegated to the Dark Web. You might be astonished to know that there are websites that are engaging in the trade of social media accounts in plain sight. Some site-owners have even contacted us for verification claiming that their services are legal, even though it is clearly not the case.

legal-603fc.PNG

There are sites that sell accounts only for specific sites such as Facebook, while others offer packages of accounts for various sites.

shop1-603fc.PNG a:0:{}
shop2-603fc.PNG a:0:{}

These stores are sophisticated and even allow buyers to choose accounts as per criteria such as the number of followers and their budget.

shop3-603fc.PNG a:0:{}

The cost of an account can be as low as $5 going up to $500 if it has thousands of followers. There are even discounts for purchasing accounts in bulk.

a:0:{}
pack-603fc.PNG a:0:{}

They also give tips on how to prevent the account from getting banned, which clearly shows their awareness regarding the dubious nature of their services.

shop5-603fc.PNG a:0:{}

While some of these sites do deliver on their promise, there is no guarantee that they will. As the trade itself is illegal, it is easy for scammers to take money under the pretense of selling accounts and run away. In such a case, there will be no place to complain as it is not a legal transaction.

What are the purchased accounts used for?

In some cases, accounts are purchased simply for vanity. Building a social media following is difficult, but anyone with money to spare can buy an account with a few thousand followers built-in, giving the external appearance of popularity. These vanity accounts can be purchased either by individuals or brands looking to take a shortcut. In the latter case, it can be seen as being deceptive, as people may undeservedly trust the brand owing to its perceived popularity. 

We tried to implore one of the site-owners about how their services could possibly be used for legal purposes. Instead of presenting convincing answers, they digressed into irrelevant topics, while at the same time admitting that their services are in violation of social media policies.

legal2-603fc.PNG

At Scamadviser, we have observed that a large number of these accounts are used for the purposes of scamming. Common scams executed using fake accounts include Imposter Scams, where a scammer will pretend to be a close family member or friend and request money to be sent for an emergency. They may also urge them to invest with a fake company by pretending to have made great profits from the ‘trusted’ investment firm.

Purchased accounts are also extensively used by Advance Fee scammers to approach random users and ask for money for various reasons, such as to obtain the winnings of a fake lottery or as part of a Romance Scam.  

These accounts are also used to mislead users on the platform by coordinating social media ‘storms’ to get a particular topic trending for marketing or political reasons, mass-following brands/celebrities and driving traffic to malicious websites. On Quora, purchased accounts are used by investment and recovery scammers for posting promotional spam disguised as an answer to a question. Another common use of purchased accounts is to write fake reviews.

How to spot a fake account

There are a few telltale signs that you can watch out for to determine if an account is fake:

  • Lack of information such as education details, work details, interests, etc.
  • Lack of posts such as pictures and videos
  • All the posts revolve around the same subject, such as a page or a website and seem to be promotional in nature
  • The user has joined a large number of groups
  • The account has very few friends/followers (<10) or too many friends/followers (>1,000)
  • The ‘Page Transparency’ section of the Facebook page shows that the Page Name has changed recently

How to protect your social media account

No account is completely safe from being hacked, which makes it extremely important to secure your account to the maximum extent possible. Following these simple tips can go a long way in ensuring that you never lose control of your account:

  • Use strong passwords: The general guideline for creating a strong password is that it should contain at least eight characters, including capital letters, numbers and symbols. There are websites and apps that can generate strong passwords for you, but you might need to use a password manager if you go that route as they are impossible to commit to memory.

  • Enable two-factor authentication: Also known as TFA or 2FA, enabling this option makes it such that a password alone is not enough to access the account. You will receive a verification code via text message, email or an authenticator app to prove that you are the original owner of the account.

  • Avoid installing third-party apps: Third party apps on platforms like Facebook can serve as ‘back doors’ that allow hackers to access your account without even having the details. The fun little quiz you took might end up compromising your account.

  • Never share account or personal details with strangers: Hackers use ‘social engineering’ to gain access to accounts by pretending to contact you regarding account security. They may then ask you details such as your mother’s maiden name, your first pet, your hometown, etc. which can be used to reset your password. In other cases, they may directly ask you for the password.

  • Do not click on links in emails: You might receive a scary official-looking email that appears to be from a social media site telling you that there is a problem with your account. The link included in the email will lead to a spoofed page designed to steal your details. To avoid getting ‘phished’, always go to the website directly and log in from there. 

 

Now that you know the facts about stolen social media profiles, be cautious if you receive strange requests from people you know and also if they start posting about things they never would before. Make sure you secure your account so that people around you don’t fall for a scam by someone pretending to be you.

See other articles in this category
Report a Scam!
Have you fallen for a hoax, bought a fake product? Report the site and warn others!
Report a Scam

Scam Categories

Scam Tags

About Us Check Yourself Contact Disclaimer
Developed By: scamadviser-logo