Let's talk about... scams.
What are the biggest hints I'm being scammed?
1. Check the person the message is coming from
a) if it's a user, check their profile: What were their most recent activities? How long have they been registered for? Do they have any assigned staff roles? Do they only post in very specific time sequences or very regularly? Do they only post content on one specific topic?
b) if it's an e-mail, check the sender: Is the domain actually correct (beware of tiny spelling errors)? Does the address have numbers, dots or extra words (like .admin, .shop, .service, etc.)? Is it officially listed as official contact info?
2. Check the contents
a) Is whatever they claim in accordance with what you'd expect? Do you expect to be suspended or banned? Do you expect the site or service actually needs what they're asking of you for operating?
b) Does it contain a lot of "scary" words (i.e. alarm, alert, emergency, urgent, asap, delete, police, penalty, etc.)? Does it contain "threats" (deadlines, negative consequences, etc.)?
- Tip: if you're feeling very concerned, alarmed, uneasy or insecure, always take a minute to breathe and double-check what you just read. Same goes for news articles, etc.
c) Are there spelling errors? Does it look AI-generated?
d) Does it ask you to become active (i.e. click a link, provide private information or pay something)?
3. Use logic.
Does any of what you're reading make sense?
a) Would the authoritative figure approaching you approach you using this measure?
b) Would they require you to provide what they tell you? Do they need that?
c) Do the people or institutions contacting you even have your contact information?
d) Does the content align with local laws, regulations and rules?
What can I do if I think I'm being scammed?
Most of the time: Do absolutely nothing. Do not respond (that way they'll know you're approachable), do not click any links, do not open any attachments. If you can do so, report the scam to representatives of the institution that claims to be approaching you.
But what if it's something really serious?
Do NOT use the contact information provided in the message. Always use search engines or the original domain's website to check for contact info and use the official services.
What if I think my account might have been hacked?
Make sure your e-mail hasn't been hacked as well - you can do that by accessing your account and looking at sent or deleted e-mails
Make sure your e-mail hasn't been grabbed, using sites like "have I been pwned" and others (make sure they're trustworthy first)
If you're very wary, change your password. Make sure it significantly differs from all your other passwords. If you had the same password on different platforms, change it on all of them.
Now, let's apply that to today's example.
1. The account has been deleted, but I would guess it wasn't very old and didn't have much in activities feeds.
2.
a) MDL does not need any more data from you. Changes in policies would not be communicated via private messages only. If you didn't really offend someone recently, you wouldn't expect to be suspended.
b) The Username had "alert" in it, which is one scary word. They also used "suspended" and "restricted". (Interestingly, they also used positive words to make you feel relieved there's a solution and convinced it's a good thing, like "protect", "guide", "regain" and "secure link").
c) No spelling errors, but minor grammar inaccuracies.
d) They are asking you to click a link where you provide personal data. Immediate giveaway.
3.
a) MDL would probably not approach you via private message regarding a rather significant update in their Privacy Policy. They also probably would have given every user time in advance to provide information needed, rather than first suspending the account and going through the motions of sending each user a message.
b) If there has been no official information prior, you shouldn't expect to need to verify anything.
c) How did they find your username? It wouldn't make sense to approach each person individually for such a big thing. (My guess is: recent feed posts. Not the way MDL would find users.)
d) MDL has not given any information on new Privacy Policies or rules for suspension, so no, it doesn't align with MDL rules and policies.
Last, but not least: You are reading this message with the account that's apparently been suspended. You're posting on feeds with the account said to be suspended. If you were truly suspended, you couldn't do that.
Privacy Policies are also usually easily accessible on the site; you could always check there as well.
What do I do now?
Nothing. I believe the user and the messages have all been deleted by now. Please do not click on any link. If you have done so, change all passwords of accounts used and any other personal data you provided. Make sure there have been no downloads on your device. Be cautious for the next couple of weeks, as mentioned above.
If you haven't got any spam messages today: congrats!
