
In January, I discussed how scammers commonly use money-based schemes, bot spam, pay-per-follower ploys, illegitimate direct messages (DMs), and worms to harass Twitter users. These malicious actors are in it for the money and/or for unauthorized access. They do not care where or how they need to compromise someone in order to obtain what they want, a single-minded focus which translates into a willingness to scam users everywhere on the web. That includes other social media platforms.

To illustrate, here is a guide on four scams that users commonly face on Facebook.

Scam #1: “Who’s Viewed Your Profile?” Ploys

[Image: viewer profile scams. Source: ZDNet]

One of the most common scams on Facebook has been around for almost as long as the social networking site itself, reports USA Today. In this ongoing ruse, malicious actors advertise websites and applications, such as “Profile Visitor,” that claim they allow a user to view who has recently visited their profile.

Emil Protalinski of ZDNet provides the text of one such scam known as Facebook Profile Viewer:

“New Update from facebook. Now you can check who visited your profile. check here ——–>>>@[266343576787035:128:FAŒBOOK PROFILE VIEWER ®]<<<<—— Who Watching your Profile ? [Facebok user]’s Photos”

There is currently no way to see who has visited your profile, writes cybercrime expert and blogger Graham Cluley. As a result, Facebook Profile Viewer and Profile Visitor, among other offers, lead to malicious downloads, connect to a Facebook user’s profile, and ultimately try to ensnare victims’ friends into the scam.

With this type of access to their victims’ profiles, scammers can easily set about to steal Facebook users’ identities.

Scam #2: Dislike Buttons and Extra Features

[Image: dislike button scams. Source: HackRead]

The profile viewer scam is a standalone example of another common Facebook scam type: advertisements that claim users can add extra features to their profiles. Some well-known instances of this include apps that claim users can customize the look or layout of their Facebook profiles. (According to USA Today, while some legitimate programs do have the capability of altering how a user views their own profile, no program currently exists that allows a user to change how others view their page.)

We have also just recently seen a resurgence of “Dislike” button schemes, which claim that users can download a fake counterpart to Facebook’s “Like” button by visiting a webpage.

As with the profile viewer, most of these links are bogus. Some lead to websites hosting malicious plugins, whereas others sign users up for premium SMS services, thereby generating very high mobile bills at the end of each month.

Users can avoid this type of scam by downloading apps from trusted Facebook services only.

Scam #3: Fake Viral Videos

[Image: fake viral video scams. Source: HOTforSecurity]

Most users of social media are by nature curious. They are interested in learning what is going on with their friends, their communities and the world at large. Unfortunately, scammers understand this curiosity and exploit it in an attempt to lure users into clicking on fake viral videos.

The bait scammers use to entice potential victims ranges from “shocking” videos to scandalous celebrity sex tapes. In many of these cases, clicking on the video’s link leads a user to another page that prompts them to upgrade their video player. This executable is fake and typically contains some sort of malware or spyware.

In other instances, scammers hijack a legitimate Facebook user’s account and abuse that access to send all of the user’s friends a message with the claim that the video captures the friend doing something embarrassing/humiliating. With their curiosity piqued, some users click on the link, which leads to a fake page that captures the look and feel of Facebook’s real login page – a classic twist of the ever-persistent phishing scheme.

Users should be wary about downloading unknown software onto their computers. They should also always verify Facebook’s URL before attempting to sign in.

Scam #4: Illegitimate Free Giveaways

fake giveaway scams
Source: HOTforSecurity

The fourth and final common Facebook scam covered in this article is illegitimate free giveaways.

According to Facecrooks, malicious actors who prefer this type of scam typically hijack a Facebook user’s account and send out messages/posts that advertise free products, including iPads, gift cards, air traffic vouchers and video games.

Clicking on the advertisement’s link leads to marketing gimmicks where users are asked to complete additional “special,” “reward,” or “bonus” offers, many of which cost real money, in order to qualify.

A variation of this scam involves spammers posing as Facebook executives, sometimes as Mark Zuckerberg himself, and announcing that a user has won a large sum of money. All the user needs to do, the scammers claim, is send a small advance fee to claim their prize. Of course, after sending in the fee, their reward never comes.

With this type of scam, it is important to remember that most legitimate companies (including Facebook) never advertise free giveaways in messages to users – they always host such contests on their pages. With this in mind, if the giveaway is not advertised on the company’s Facebook business page, then it’s probably a dud.

Conclusion

As with Twitter, knowing what scams to look out for on Facebook can make for a more enjoyable social networking experience. Please stay tuned for the final installment of our social media scam series in which I tackle ruses and ploys on LinkedIn.

Also, if you have seen any other Facebook scams, please let us know in the comments below.

Title image courtesy of ShutterStock

  • James

    There is a lot of ad fraud on Facebook too. Fraudsters create fake blogs with little to no content, then spam posts and comments, even creating pages to drum up traffic. These pages and posts are usually disguised as porn videos, sometimes very graphic or even illegal in nature – anything to get a click. When users do click they get taken to the blog site, which is laden with ads. The thing is, Facebook often take no action and some of these pages are getting hundreds of thousands of visitors.

  • mimranyameen

    Scams, scams everywhere, why doesn't Facebook work it out and make this space more private for us?