Here’s straightforward guidance that will protect you from scams and fraud: do not click on online ads anywhere on the Internet! Especially, don’t click on online ads on Facebook or Instagram.

Why? Online ads are a hotbed for fraudulent activity. Malicious actors create ads to trick people into clicking on them, either to collect personal information, sell counterfeit products, install malicious software, or commit some other scam or fraud.

Last week, Reuters published a report that is worth reading (available at https://www.reuters.com/investigations/meta-is-earning-fortune-deluge-fraudulent-ads-documents-show-2025-11-06/) that Meta (aka Facebook) projected that 10% of its 2024 revenue came from malicious ads and banned goods! They also reported that Meta estimates they show users 15 billion scam ads a day. Furthermore, users who click on scam ads are more likely to encounter them again due to Meta’s ad-personalization system.

Another shocking quote from this article: “A May 2025 presentation by its [Meta] safety staff estimated that the company’s platforms were involved in a third of all successful scams in the U.S.”

This isn’t only a Meta problem, although the reporting from Reuters suggests that Meta’s ecosystems are more dangerous than those of other platforms, such as Google. Google reported that it removed 5.1 billion ads in 2024, which, if Google is anything even close to Meta in ad activity (and it probably is close), represents only 0.09% of all malicious ads.

Here are three things you can do to reduce this risk for you.

1. Never click on a paid ad on any platform.

This applies to search engine results, as well as platforms like Facebook, Instagram, LinkedIn, and TikTok. Malicious actors leverage any platform that features paid ads, as the primary purpose of ads is to encourage people to click on them. Bad actors want you to click on their ad so they can continue their scheme against you.

Ad platforms also enable bad actors to target individuals based on their demographic information, as they utilize marketing platforms designed for legitimate companies that aim to target customers as precisely as possible. For example, a bad actor can create a targeted ad for single men aged 20-25 to promote a scheme specifically targeting that demographic, thereby maximizing success.

Also, when you click on ads, you will probably be served a lot of similar ads (since clicking on an ad indicates high-intent behavior), so other advertisers will view you as more likely to click on their ad. This means that you are likely to receive many more malicious ads.

This is similar to the advice I’ve given about never answering an unknown phone call. If a phone spammer knows that a person will answer their phone, your number becomes more valuable and is bought and sold more often, increasing the number of spam calls you will get.

If you see something interesting in an ad, don’t click on it. Look it up with a search engine to verify its legitimacy, and access it using a trusted URL.

Here’s an example ad on Instagram trying to steal financial login information.

Example malicious Instagram ad, courtesy of https://malware.news/t/fake-bank-ads-on-instagram-scam-victims-out-of-money/95695

2. Turn off ad tracking on your devices and your accounts.

Ad tracking is designed to surface the most relevant ads to you based on your activity and behavior, allowing platforms to sell advertisements that are directly targeting you to different advertisers, which can include malicious actors. Turning off ad tracking reduces the signal these companies have on you.

Check out the posts I’ve done on this topic for more information on how to do this.

Turn off personalized ads on Android and iOS:

Disable ad personalization on Meta:

Turn off personalized ads on Google:

3. Consider not using these platforms.

If you aren’t using a platform, you aren’t susceptible to the ads. Part of the risk of using a platform like TikTok, Meta, or Facebook is that you are inundated with malicious ads (as well as copious amounts of misinformation).

Simply using these platforms increases your risk because you are increasing your exposure to potential scams. It’s extremely difficult for anyone to identify every malicious ad or misinformation all the time — scammers are specifically designing these things to be as believable as possible and to fool you. The more you’re exposed, the higher the likelihood that you will end up getting tricked into clicking at some point.

Like any technology, it’s essential to weigh the benefits to you against the risks. “Is this really worth the risk?” is a question that we should all ask ourselves. For many of these platforms, it’s probably not worth the risk!

Stay Safe!

Tate