Be Aware: Ensure you have appropriate privacy settings on social media and other websites to restrict who can see your information. Fraudsters will gather OSINT (open source intelligence) on targets using social media, such as dated birthday party pictures of “Happy 40th!” to work out birthdates.
Consider that SMSs, WhatsApp, social media messages, emails and phone calls asking for personal information could be fake.
Information such as your telephone or mobile number, date of birth, address or bank account number can be used by fraudsters to attempt to steal your identity. Protect your information.
Don’t Click: Links in emails, social media messages, posts, tweets or texts could be malicious or be used to try and gain access to your information, don’t click on them if you are unsure.
Think Twice: Take your time and be aware that fraudsters will try and make you panic so as not to properly consider what you are doing.
Social engineering is used by fraudsters daily to get people to click links, give out information, transfer money, allow access to devices, etc. See how they do it: The psychology of social engineering—the “soft” side of cybercrime - Microsoft Security Blog
If something seems too good to be true, it probably is.