Whether you want to read the news, discuss your hobby, look for advice, or talk about your favorite band, you don’t need to look further than Reddit to find a community that fits your interests.
But if you use Reddit, or plan on using it, you need to know about these four common scams in order to stay safe.
Catfishing is a deceptive practice that revolves around the perpetrator pretending to be someone they are not. The person engaging in catfishing typically creates a fictional persona, using information and images from other people.
Catfishing is often thought of as a problem related to online dating sites, but that’s not all there is to it. Not every scammer engages in catfishing because they’re lonely, bored, or simply want to troll someone. Some do it for monetary gain; to extract money from their victims. A cursory Google search is enough to conclude that catfishing is fairly common on Reddit, and that it affects people of any gender.
There are countless ways a catfish can go about extracting money from their target. After establishing rapport with the victim, they might ask for a gift, a PayPal donation, or make up a story about being in trouble and ask for a payment in cryptocurrency.
To avoid getting catfished, the best thing you can do is trust your gut. If somebody you met on Reddit seems too good to be true, their stories don’t add up, is refusing to video chat or phone—they are most likely not who they say they are, and you should cease all contact with them.
2. Crypto Scams
Reddit has dozens of popular cryptocurrency communities, and can be a great resource if you’re interested in crypto trading, or just want to learn more about digital currencies and how they work. But if you’re not careful, you can get scammed out of your money.
If you participate in crypto discussions on Reddit, you’ve probably received a private message from someone claiming they can double your money, or promoting a new coin you’ve never heard of. These scams are fairly easy to spot, and most people don’t fall for them, but others are more subtle.
For example, it is not uncommon to encounter so-called shills in Reddit’s crypto communities. They are described that way because their accounts are mostly dedicated to promoting a particular cryptocurrency or a digital product. It wouldn’t be unreasonable to assume that these users upvote each other’s comments and posts, and engage in conversation with one another to make it seem as though the product they’re pushing is legitimate.
Whenever you spot someone promoting a new digital currency you’ve never heard of, make sure you go through the rest of their comments to establish whether they’re being genuine or just trying to inflate the value of what is probably a worthless digital asset.
3. Spam Rings
You’re browsing a subreddit, and at the number one spot of its front page you see a link to a seemingly interesting article. The comments in the thread are all positive, too, but when you click the link it leads you to a website loaded with advertisements and poorly-written content.
How could an article like this receive enough upvotes to hit the front page? And why are users in the comment section praising it, when it’s evidently terrible? It’s likely that the link did not get where it is organically, but was rather posted and upvoted by a spam ring, a group of users working together.
If you just ask Google whether it’s possible to buy Reddit upvotes and accounts, you’ll see dozens of websites selling both. Some providers offer services that include both posting and upvoting a link, while others sell aged accounts with lots of karma, or even entire subreddits.
Black hat online marketing is hardly a novel idea, but Reddit allows spammers to reach a large audience with very little resources: pretty much all a spam ring really needs is a bunch of Reddit accounts and a reliable VPN service.
Granted, there are better and more efficient ways to operate a spam ring, or promote a product. In fact, there is a subreddit dedicated to this. Called r/HailCorporate, it is essentially a community of people who investigate Reddit for what they believe are ads and inorganic posts.
4. Phishing Scams
Phishing is a type a cyberattack in which a threat actor impersonates a trusted individual or entity in order to steal a target’s personal information. Phishing attacks are usually carried out via email, but that doesn’t mean they aren’t common on social networking platforms like Reddit.
Reddit has a private messaging and a chat feature, which are both perfect avenues for a scammer to send a phishing link. A capable cybercriminal would craft convincing copy and disguise their fraudulent link, while finding a way to send their message to as many people as possible.
Alternatively, they could post their phishing link to subreddits that aren’t heavily moderated, which would probably increase their reach. In other words, with a bit of creativity and technical knowledge, a scammer can use Reddit to run highly-targeted and effective phishing campaigns.
And though it’s probably true that redditors are younger and more tech-savvy than the average internet user, it’s easy to see how letting your guard down for a brief moment could result in a lot of trouble, including exposing your personal information and potentially becoming a victim of cybercrime.
This is why it’s imperative you never click on suspicious links, double-check every web address, and carefully read any message from a person you haven’t previously interacted with.
Use Reddit Safely
Like most social networks and discussion websites, Reddit attracts people of all stripes. Unfortunately, this also includes cybercriminals and all kinds of scammers. Though the vast majority of Reddit communities are moderated, catfishing, phishing, spam, and crypto scams still slip under the radar.
Keep that in mind the next time you log into your account. While you’re at it, set a strong password, enable two-factor authentication, and remember to never share sensitive information with other redditors, no matter how trustworthy they seem.