Scammers love Facebook! It allows them to quickly and cheaply reach huge numbers of potential victims. Facebook is free, straightforward to use, and accessible to people at all Internet savviness levels. So, there is a never-ending supply of naive and inexperienced users that Facebook scammers can target.
Here I summarise four scams that target Facebook users around the world every hour of every day.
Perhaps you are already well aware of these scams. But, what about your friends, family members and work colleagues? I’m betting that at least a few of them are potentially vulnerable.
You can help stop scammers by ensuring at-risk Facebook users know how to recognise these four common Facebook scams.
1: Facebook Phishing Scams
Facebook phishing scammers want the login credentials for your Facebook and email accounts. They want your personal and financial information.
One way criminals achieve these goals is by sending you fake messages that claim that your Facebook account is about to be disabled or suspended. The messages, which may arrive via Facebook’s internal messaging system or email, appear to originate from official entities such as “Facebook Security”, “Facebook Admin”, or the “Facebook Ads Team”.
Typically, the messages warn that your account has been reported by other users or is in violation of Facebook’s Terms of Service and is therefore about to be closed permanently. But, claim the messages, you can avoid the pending account closure by clicking a link to “confirm” or “verify” your account.
Clicking the link will take you to a fraudulent website that has been built to look like it is part of Facebook. Once on the fake page, you will be asked to log in with your Facebook account email address and password. You will then be taken to further fake forms that ask for your email account password, your credit card details, and a lot of other personal information. After submitting all of the requested information, you may receive a final message claiming that you have successfully avoided the account suspension.
Meanwhile, the criminals can collect the information you supplied and use it to hijack your Facebook and email accounts. Once they have gained access, they can use the compromised accounts to launch further spam and scam campaigns, including more Facebook phishing scams like the ones we discuss here.
They can also use your credit card to make fraudulent purchases. And, if they have gathered enough of your personal details, they may even be able to steal your identity outright.
Keep in mind that if Facebook needs you to deal with an account issue, you will be notified about the issue when you log in to your account. You will NOT receive such a warning via email or private message that threatens an account suspension if you do not click a link. If you receive such a message, delete it. Do not click any links in the message.
This Hoax-Slayer YouTube video describes these “account disabled” phishing scams in more detail:
Other types of Facebook-related phishing scams may trick you into clicking a link in a personal message from a friend. The message may claim that the friend has seen you in a compromising photo or video, and you should click to access it. Or, the message may claim that you should click to view a “breaking news” report or “urgent” warning. Again, the link will lead to a fake Facebook site designed to steal your login credentials and other personal information. You receive these messages because your friend’s Facebook account has been hijacked by scammers and used to distribute more of the same scams. You can read more information about these scams here.
It is always safest to login to Facebook either by entering the address into your browser’s address bar or via an official Facebook app.
2: Facebook Cloning
Facebook cloning describes a technique in which scammers create a fake Facebook profile using images and other information stolen from a targeted user’s real Facebook profile.
The scammers may be able to create a profile that – at least at first glance – looks very much like the target’s genuine profile. Especially if the victim has all or some of their profile material set to “public”.
Why would scammers do this? Once the scammers have created a fake profile, they can send friend requests to people on the targeted person’s friends list.
At least a few of the victim’s friends may accept this second friend request because they mistakenly believe that the victim has accidentally unfriended them. Or, people with a large number of Facebook friends may have forgotten that they were already friends with the victim and accept the second friend request. And, regrettably, some Facebook users tend to immediately accept friend requests without due forethought.
Once the scammers have a few “friends” on the fake profile, they can then start sending scam messages in their victim’s name.
You can read a lot more information about Facebook cloning and how to protect yourself from it in this dedicated Hoax-Slayer report on the topic.
3: Facebook Lottery and Grant Scams
Advance fee scammers often create scam messages claiming to be from high-profile companies such as Coca-Cola, Mercedes, or Microsoft. And, these days, Facebook is often their company of choice.
An increasing number of advance fee scam messages purport to come from Facebook. Typically, the messages claim that the “lucky” recipient has won a large cash prize in a promotion, lottery or award organised and managed by Facebook. Some are quite crude. Others are more sophisticated. A few even claim to come directly from Facebook CEO Mark Zuckerberg himself.
Some arrive via email. Others may be distributed as private messages from within Facebook itself, often via hijacked or cloned accounts.
Details in the messages may vary, as may the method by which they are distributed. All claim that “winners” can collect their unexpected prize by contacting a designated agent or department.
Those who make contact as instructed will soon be asked to pay various upfront fees, ostensibly to cover unavoidable expenses such as bank fees, tax payments, insurance, or delivery costs. The criminals will claim that these fees cannot be deducted from the prize itself for legal reasons or company policy.
Alas, no matter how much money victims send, they will never get the promised prize, which never existed, to begin with. And all of the money they send will line the pockets of the greedy criminals running the sting.
If victims supply enough personal and financial information during the scam, the criminals may also manage to steal their identities.
Users should be very cautious of any email claiming that they have won a large prize in a lottery, promotion or award that they have never even entered. If you receive such a message, do not reply. And do not click any links or open any attachments that it contains. The best way to deal with these scam messages is to hit the delete button.
4: Facebook Giveaway Scams
Facebook hosts a great many bogus competition pages. These bogus Pages promise amazing prizes such as store vouchers, holidays, luxury vehicles, ocean cruises, free air travel, and even houses in exchange for liking, sharing, commenting, and filling in surveys. Despite many warnings about such scams, vast numbers of Facebook users continue to fall for them.
Of course, there are plenty of genuine competitions promoted on Facebook. But, unlike the scams, posts promoting these genuine competitions will have clearly defined terms and conditions. If a major company is offering the prize, the associated Facebook Page will usually include Facebook’s blue “verified” icon beside its name. Moreover, the prizes offered will be more realistic. For example, if a Page claims that you can win an expensive prize such as a Range Rover or air tickets to anywhere in the world just for liking and sharing, it is likely to be bogus.
The fake Facebook Pages are often newly created and have very little content. To create the illusion they are genuine, the scammers will often use Page names very similar to that of the targetted company. For example, if they target Disney, they may call their fake Page “Walt Disney World.” – note the period in the name – rather than “Walt Disney World”. Many users may not notice the misplaced period at the end of the Page name and thus assume that they are on a genuine Disney Page.
There are basically two versions of these prize scams that often work hand in glove.
Like-farming scams ask you to like, share, and comment for a chance to win the promised prize. As the name suggests, these scams are designed to collect, or “farm” large numbers of Facebook Page likes as quickly as possible. By participating, you ensure that an ever-widening audience will see the bogus prize post, and the fraudulent Facebook Page will thus gain a great many new likes. After the Page has substantially increased its like numbers, scammers will often use it to launch survey scams, as discussed below. Because of the initial like-farming campaign, the subsequent survey scam posts can reach a much larger audience and thus generate a lot more money for the scammers.
Alternatively, scammers may sell the fake Facebook Page on the black market to other scammers who will re-purpose it to suit their own nefarious goals. The more likes a Page has, the more it can be sold for.
This Hoax-Slayer YouTube video explains more about how like-farming scams operate:
As noted, Facebook survey scams often follow on from initial like-farming scams. Other versions may bypass the like-farming phase and jump right into the survey tactic.
Again, the fraudulent posts will offer fabulous prizes in exchange for liking, sharing, and commenting. But, this time, the posts will also instruct you to click a link to enter a prize draw or claim your giveaway.
If you click the link, the page will tell you that you must first fill in one or more surveys before claiming your giveaway or prize entry. A window will present you with a list of survey links to click on. The links open various websites that offer the chance to win further prizes in exchange for filling in surveys and providing your name, email address, home address, and phone numbers. But, fine print on the sites will explain that, by participating, you are permitting your personal information to be shared with “site sponsors” and third-party marketing companies. Thus, soon after participating, you will begin receiving unwanted and annoying phone calls, text messages, emails, and surface letters promoting various products and services you most likely neither want nor need.
In other cases, the scam survey sites may try to trick you into subscribing to very expensive SMS “clubs” that will charge you several dollars for every inane and pointless text message they send you.
Meanwhile, the scammers who created the bogus Facebook giveaway Pages will earn commissions each time somebody provides their information on one of the survey sites.
And, of course, no matter how many surveys you complete or how much information you provide, you will never get the promised giveaway or prize entry, which never existed in the first place.
This Hoax-Slayer YouTube video covers what happens during a typical survey scam:
Of course, criminals use many different tactics to separate Facebook users from their money and personal information. But the four scams discussed here are among the most common threats to Facebook users. If every Facebook user knew about these four scams and how to avoid them, Facebook would be a lot more safe and secure.
Importance NoticeAfter considerable thought and with an ache in my heart, I have decided that the time has come to close down the Hoax-Slayer website.
These days, the site does not generate enough revenue to cover expenses, and I do not have the financial resources to sustain it going forward.
Moreover, I now work long hours in a full-time and physically taxing job, so maintaining and managing the website and publishing new material has become difficult for me.
And finally, after 18 years of writing about scams and hoaxes, I feel that it is time for me to take my fingers off the keyboard and focus on other projects and pastimes.
When I first started Hoax-Slayer, I never dreamed that I would still be working on the project all these years later or that it would become such an important part of my life. It's been a fantastic and engaging experience and one that I will always treasure.
I hope that my work over the years has helped to make the Internet a little safer and thwarted the activities of at least a few scammers and malicious pranksters.
A Big Thank YouI would also like to thank all of those wonderful people who have supported the project by sharing information from the site, contributing examples of scams and hoaxes, offering suggestions, donating funds, or helping behind the scenes.
I would especially like to thank David White for his tireless contribution to the Hoax-Slayer Facebook Page over many years. David's support has been invaluable, and I can not thank him enough.
Closing DateHoax-Slayer will still be around for a few weeks while I wind things down. The site will go offline on May 31, 2021. While I will not be publishing any new posts, you can still access existing material on the site until the date of closure.
Thank you, one and all!