Common Facebook scams and how to avoid them.
With around 2.8 billion users logging in every month, Facebook is one of the world's most popular social media platforms. Unfortunately, because of its popularity and usage, scammers and cybercriminals often take advantage of Facebook's huge user base to try to trick people into falling for various types of online scams and fraud. From fake giveaways and phishing attempts to malware distribution and identity theft, there are lots of sneaky Facebook scams you need to watch out for.
We'll endeavour to explain how they operate and what telltale signs to look for, so you can avoid getting duped and protect your personal information, your money, and your devices from these devious online schemes. With a bit of scam awareness and some basic security precautions, you can navigate Facebook safely and avoid these cons.
Did you know?
Over $58 million was lost to social media fraud in Australia in the first 10 months of 2024 alone. Total fraud in Australia in 2023 is estimated to be around 2.73 billion dollars, and it is believed that this may represent only a small portion, as many people, businesses and organisations are worried about reporting it or scared of appearing foolish.
More than a third of Facebook Marketplace ads could be scams, with UK customers potentially losing nearly £60 million in 2023.
30% of people reported falling prey to online job scams via social media in a Good-firms survey.
The dangers of falling victim to a Facebook Scam
Falling for Facebook scams can have severe consequences, such as:
• Account Hijacking: Cybercriminals may take control of your Facebook account, access your connections, or access sensitive data, photographs, and videos for identity theft or extortion purposes.
• Financial Losses: You could send money to scammers who post fake ads and Marketplace deals.
• Malware Infections: Hackers employ malicious links in Facebook direct messages (DMs) or phishing emails capable of infecting your device with malware or granting them remote access.
• Personal Data Compromise: Criminals may gather your personal information from Facebook and subsequently use it for identity theft or sell it on the dark web to other malicious actors.
• Emotional and Financial Loss: Romance and job scams can inflict both financial and emotional distress when victims realize their potential romantic partner or employment opportunity was fabricated.
Facebook scams you need to know about
1. Fake prizes and giveaways
Scammers create fake pages on Facebook, impersonating well-known brands, individuals, lotteries, or sweepstakes. They dangle the prospect of free prizes, gift cards, or cash giveaways. However, if you engage, you'll likely be asked to provide sensitive personal information like credit card details under the guise of "claiming" your prize or paying bogus fees.
2. "I can't believe he's gone" posts
In this scheme, a post claims someone you know has passed away, accompanied by a video attachment. If you click the video link, you're redirected to a fake Facebook login page designed to steal your account credentials when you enter them.
3. Shady Marketplace Ploys
Facebook's online marketplace can be a hotbed for scams targeting both buyers and sellers. Unscrupulous sellers may advertise highly desirable items at very low prices to lure victims. Alternatively, fake buyers might "overpay" for your item and then request a refund, but their initial payment fails, leaving you out of pocket. Scammers will redirect transactions to non-reversible methods, such as Zelle or Venmo.
4. Investment Scams Promising Riches
These schemes attempt to convince victims they can earn massive returns through low-risk investment opportunities in stocks, cryptocurrencies, real estate, etc. Despite promises of quick profits from a small upfront buy-in, the fraudsters inevitably abscond with victims' funds.
5. Romance and extortion scams
On social media and dating apps, smooth-talking strangers may forge relationships to eventually request money transfers from their victims. In the sinister "sextortion" variation, scammers coerce targets into sending explicit photos/videos and then demand payment by threatening to release the content publicly.
6. Hacked or cloned friend accounts asking for 2FA codes
In this scam, a hacker takes over one of your friends' accounts, and then the "friend" writes to you saying they need the codes sent to your phone or email. In reality, scammers are trying to hack your account — and the code you share is for your account.
7. "Is this you?" video or photo link scams
In this classic Facebook scam, you receive a photo or video from someone on your list with an accompanying message asking, "Is this you?" or something similar and a link. If you click on it, you're taken to a fake website that asks for login details or infects your device with malware.
8. Facebook quiz scams
Taking a Facebook quiz is fun, but many of the questions are the same as common account security questions.
For example, the quiz may ask you to share your name, date of birth, mother's maiden name, pet's name, email address, or phone number. With your guard down, you may unknowingly disclose sensitive information that compromises your online security.
In a nutshell, Facebook quizzes steal your data for social engineering purposes.
9. Ads for phony items or fake offers
In most cases, you first see a fake ad tempting you with low-cost items. But if you click on the ad, you'll either be taken to a fake store that steals your payment details or pay for a counterfeit or low-quality item.
10. Fake Facebook Support Team
Fraudsters frequently pose as Facebook's support staff through phishing emails and messages in an attempt to steal login credentials or install malware on your devices. Common tactics include falsely claiming your account is being disabled, compromised, or breached, your payment has failed, or something similar. They also send a link to follow and re-enter your password, and if you do, you give them access to your account.
11. Work-from-home and other fraudulent job offers
With work-from-home roles in high demand, fake job listings have become a lucrative scam. They often begin by enticing applicants with appealing offers, only to eventually request sensitive personal data like Tax File Numbers and bank account numbers under the pretext of onboarding - information that may then be sold on shady networks for nefarious purposes.
Here are some protective measures you could adopt right away to enhance your security on Facebook and other social media platforms:
1. Utilize a robust and unique password for your Facebook account, combining uppercase, lowercase, numbers, and symbols for improved resilience against account takeovers. You can always opt for a Password Manager that generates and stores passwords safely.
2. Enable two-factor authentication (2FA) to add an extra layer of security beyond just a password when logging in, such as fingerprint scans, push notifications, or hardware security keys.
3. Adjust your privacy settings to limit the visibility of your profile and personal information, reducing potential targeting by fraudsters.
4. Turn on login alerts to receive notifications when your account is accessed from an unfamiliar device, browser, or location, allowing you to identify unauthorized access attempts quickly.
5. Regularly review your login history and active sessions for any suspicious activity, such as logins from unfamiliar locations or actions you don't recall taking.
6. Use Facebook's security review tools to assess and strengthen the privacy measures protecting your account.
7. Exercise caution and refrain from clicking on any unsolicited links sent via Facebook messages, emails, or texts, as they could be phishing attempts.
8. Decline friend requests from strangers or from people you are already connected with, as these could be impostors using cloned profiles to gain access to your network.
9. Report any suspected scams or fraudulent accounts to Facebook to enable investigations and potential account removals or bans.
10. Vigilantly monitor your financial accounts and credit reports for signs of identity theft or unauthorized activities resulting from Facebook scams.
11. Add Scamio (https://www.bitdefender.com/en-au/consumer/scamio) to your Facebook Messenger. Scamio is an AI-enabled scam detector tool from security company Bitdefender, which you can use to uncover scams and scammers. Simply send Scamio any texts, messages, links, QR codes, or images you encounter on Facebook and suspect may be a scam. Scamio will analyze them and let you know if they are indeed fraudulent. If they are, you can then report the fraud attempts to help warn others and block those scammers from the platform.
Scamio is free and also available on WhatsApp and your web browser.
Q&A
Q: I got scammed on Facebook. What can I do?
A: If you've fallen victim to a Facebook scam, take immediate action. First, report the scam to Facebook so they can investigate and potentially remove the fraudulent account or pages involved. Next, closely monitor your financial accounts and credit reports for any unauthorized activities or signs of identity theft. Consider placing a fraud alert or security freeze on your credit file. Additionally, change your Facebook password and enable two-factor authentication to secure your account. Lastly, report the incident to the appropriate authorities, such as your local police department or Scam Watch.
Q: How can I spot a fake giveaway or contest on Facebook?
A: Be wary of giveaways or contests that require you to provide personal information or make upfront payments to claim a prize. Legitimate companies will not ask for sensitive data like credit card numbers, Tax File Numbers, or bank account details to enter a contest. Watch out for giveaways promoted through unsolicited direct messages or posts from accounts you don't recognize. Scammers often create fake pages impersonating well-known brands or celebrities to lure victims. Always verify the authenticity of the giveaway by checking the official website or social media accounts of the company or organization running it.
Q: What are some common Facebook Messenger scams to be aware of?
A: One prevalent Facebook Messenger scam involves receiving messages from someone you know, often with a link or video attachment, asking if the content depicts you. However, clicking the link could lead to a malicious website designed to steal your login credentials or infect your device with malware. Another Messenger scam entails fraudsters impersonating friends or family members, claiming they need you to share a two-factor authentication code sent to your phone or email. The code is for your account, and sharing it would give scammers access. Additionally, be cautious of unsolicited messages promising free money, prizes, or job opportunities, as these are common lures used by scammers to trick victims into revealing personal information or making payments.