In January, I discussed how scammers commonly use money-based schemes, bot spam, pay-per-follower ploys, illegitimate direct messages (DMs), and worms to harass Twitter users. These malicious actors are in it for the money and/or for unauthorized access. They do not care where or how they need to compromise someone in order to obtain what they want, a single-minded focus which translates into a willingness to scam users everywhere on the web. That includes other social media platforms. To illustrate, here is a guide on four scams that users commonly face on Facebook.
Scam #1: "Who's Viewed Your Profile?" Ploys
One of the most common scams on Facebook has been around for almost as long as the social networking site itself, reports USA Today. In this ongoing ruse, malicious actors advertise websites and applications, such as "Profile Visitor," that claim they allow a user to view who has recently visited their profile. Emil Protalinski of ZDNet provides the text of one such scam known as Facebook Profile Viewer:
"New Update from facebook. Now you can check who visited your profile. check here -------->>>@[266343576787035:128:FAŒBOOK PROFILE VIEWER ®]<<<<------ Who Watching your Profile ? [Facebok user]'s Photos"
There is currently no way to see who has visited your profile, writes cybercrime expert and blogger Graham Cluley. As a result, Facebook Profile Viewer and Profile Visitor, among other offers, lead to malicious downloads, connect to a Facebook user's profile, and ultimately try to ensnare victims' friends into the scam. With this type of access to their victims' profiles, scammers can easily set about stealing Facebook users' identities.
Scam #2: Dislike Buttons and Extra Features
The profile viewer scam is a standalone example of another common Facebook scam type: advertisements that claim users can add extra features to their profiles. Some well-known instances of this include apps that claim users can customize the look or layout of their Facebook profiles. (According to USA Today, while some legitimate programs do have the capability of altering how a user views their own profile, no program currently exists that allows a user to change how others view their page.) We have also just recently seen a resurgence of "Dislike" button schemes, which claim that users can download a fake counterpart to Facebook's "Like" button by visiting a webpage. As with the profile viewer, most of these links are bogus. Some lead to websites hosting malicious plugins, whereas others sign users up for premium SMS services, thereby generating very high mobile bills at the end of each month. Users can avoid this type of scam by downloading apps from trusted Facebook services only.
Scam #3: Fake Viral Videos
Most users of social media are by nature curious. They are interested in learning what is going on with their friends, their communities and the world at large. Unfortunately, scammers understand this curiosity and exploit it in an attempt to lure users into clicking on fake viral videos. The bait scammers use to entice potential victims ranges from "shocking" videos to scandalous celebrity sex tapes. In many of these cases, clicking on the video's link leads a user to another page that prompts them to upgrade their video player. This executable is fake and typically contains some sort of malware or spyware. In other instances, scammers hijack a legitimate Facebook user's account and abuse that access to send all of the user's friends a message with the claim that the video captures the friend doing something embarrassing/humiliating. With their curiosity piqued, some users click on the link, which leads to a fake page that captures the look and feel of Facebook's real login page – a classic twist of the ever-persistent phishing scheme. Users should be wary about downloading unknown software onto their computers. They should also always verify Facebook's URL before attempting to sign in.
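The URL check recommended above can be automated, for example in a mail filter or link-preview tool. The following is an added example, not part of the original article: it parses a link the way a browser does and accepts it only when it is HTTPS and the host is facebook.com or one of its subdomains. The allow-list, the function names and the sample links (on the reserved `.example` domain) are constructed assumptions.

```javascript
// Added example. ALLOWED_HOSTS is an assumption for this sketch,
// not an official list of Facebook sign-in domains.
const ALLOWED_HOSTS = ["facebook.com"];

function checkLoginUrl(raw) {
  let url;
  try {
    url = new URL(raw); // WHATWG parsing, same rules the browser applies
  } catch {
    return { ok: false, reason: "not a valid absolute URL" };
  }
  if (url.protocol !== "https:") {
    return { ok: false, reason: "not HTTPS" };
  }
  // url.hostname is the host actually contacted: any "user@" prefix is
  // dropped, and the name is lowercased and IDNA-encoded to ASCII.
  const host = url.hostname.replace(/\.$/, "");
  if (host.split(".").some((label) => label.startsWith("xn--"))) {
    return { ok: false, reason: "punycode hostname (possible look-alike letters)" };
  }
  // Match whole labels only: "notfacebook.com" and
  // "facebook.com.login-check.example" must both fail.
  const allowed = ALLOWED_HOSTS.some((d) => host === d || host.endsWith("." + d));
  return allowed
    ? { ok: true, reason: `host ${host} is on the allow-list` }
    : { ok: false, reason: `host ${host} is not under an allowed domain` };
}

// Constructed sample links covering the usual look-alike patterns.
const SAMPLES = [
  "https://www.facebook.com/login.php",                  // genuine host
  "https://facebook.com.login-check.example/login.php",  // brand used as a subdomain
  "https://facebook.com@login-check.example/login.php",  // brand placed in userinfo
  "https://notfacebook.com/login.php",                   // suffix without a label boundary
  "http://www.facebook.com/login.php",                   // right host, no TLS
  "https://f\u0430cebook.com/login.php",                 // Cyrillic "а" in place of Latin "a"
];

function classify(links) {
  return links.map((link) => ({ link, ...checkLoginUrl(link) }));
}

for (const r of classify(SAMPLES)) {
  console.log(r.ok ? "OK    " : "REJECT", r.link, "->", r.reason);
}
```

Only the first sample passes; the others fail for the reason printed beside each.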
Scam #4: Illegitimate Free Giveaways
The fourth and final common Facebook scam covered in this article is illegitimate free giveaways. According to Facecrooks, malicious actors who prefer this type of scam typically hijack a Facebook user's account and send out messages/posts that advertise free products, including iPads, gift cards, air traffic vouchers and video games. Clicking on the advertisement's link leads to marketing gimmicks where users are asked to complete additional "special," "reward," or "bonus" offers, many of which cost real money, in order to qualify. A variation of this scam involves spammers posing as Facebook executives, sometimes as Mark Zuckerberg himself, and announcing that a user has won a large sum of money. All the user needs to do, the scammers claim, is send a small advance fee to claim their prize. Of course, after sending in the fee, their reward never comes. With this type of scam, it is important to remember that most legitimate companies (including Facebook) never advertise free giveaways in messages to users – they always host such contests on their pages. With this in mind, if the giveaway is not advertised on the company's Facebook business page, then it's probably a dud.
Conclusion
As with Twitter, knowing what scams to look out for on Facebook can make for a more enjoyable social networking experience. Please stay tuned for the final installment of our social media scam series in which I tackle ruses and ploys on LinkedIn. Also, if you have seen any other Facebook scams, please let us know in the comments below.