Hey there Internet traveler! Anecdotally we’ve seen an uptick in certain scams making the rounds again on Facebook. We thought we’d break them down for you a little bit and give you a place to explore how to figure out if a post is a scam or not.

Just a warning. Some of the images, while not extremely graphic, could be a little distressing or also a little adulty for some people. Continue at your own discretion.

The scams we’re showing you here, and any others you come across for that matter, all rely on Social Engineering. We’ve talked about this subject in various ways here, here, and here. In short, it’s about tricking people into giving up sensitive information and/or getting someone to do something out of character, like clicking on a malicious link. Phishing is probably the subset of Social Engineering you are most familiar with.

The first scam we’re going to show you is what we consider contest/sweepstakes scams. These scams typically involve winning tickets or high value items, which is already a lure to get someone to act impulsively. The language is key to these scams. It’s meant to deliberately create scarcity and a time constraint. “Only 2 tickets left and the contest ends in three days” is an example of this kind of language because of the limited supply of tickets (scarcity) and the contest’s deadline (time constraint).

In the screenshots below, you’re asked to find certain numbers in the post image and people comment about what they found.

Facebook scam where a bad actor is pretending to be a Toyota car dealership, telling people they will win a prize

Fake contest scam on Facebook with entity pretending to be a camper/RV organization

Fake Facebook contest with bad actor pretending to be a log home organization

You’re then directed to click on a link to verify your entry. In the fake Toyota contest screenshot, they’ve used one of Facebook’s buttons you can add to a business page to allow people to engage in different actions. The entity controlling this page wants you to click on it. If you’ll notice, right below the button it shows a tinyurl.com link. TinyURL is a link shortening service, and bad actors often abuse these services to mask the real link of where they want to send you. Scammers also like to use Google Sites because it’s a free application by Google that allows someone to spin up a website quickly at no cost. The scammers want a cost effective solution, so this is a win for them. They’re also abusing Google’s brand: when someone sees the word “Google” in the website URL, they may implicitly trust that what they’re about to click on is safe.
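If you want to see where a shortened link really goes before opening it in a browser, the sketch below follows the redirects one hop at a time and reports the two red flags described above. It is an added example, not code from the original post; the function names, the sample alias and the sample page are made up for illustration, and the two host lists contain only the services named in this article.

```python
import http.client
from urllib.parse import urljoin, urlsplit

# Hosts named in the article; extend these sets with your own lists.
SHORTENERS = {"tinyurl.com"}
FREE_SITE_BUILDERS = {"sites.google.com"}

def head_location(url):
    """Send one HEAD request; return the redirect target without visiting it."""
    parts = urlsplit(url)
    https = parts.scheme == "https"
    conn_cls = http.client.HTTPSConnection if https else http.client.HTTPConnection
    conn = conn_cls(parts.netloc, timeout=5)
    try:
        conn.request("HEAD", (parts.path or "/") + ("?" + parts.query if parts.query else ""))
        resp = conn.getresponse()
        return resp.getheader("Location") if 300 <= resp.status < 400 else None
    finally:
        conn.close()

def expand(url, fetch=head_location, max_hops=5):
    """Follow redirects one hop at a time and return every URL in the chain."""
    chain = [url]
    while len(chain) <= max_hops:
        target = fetch(chain[-1])
        if not target:
            break
        target = urljoin(chain[-1], target)  # Location header may be relative
        if target in chain:  # redirect loop, stop here
            break
        chain.append(target)
    return chain

def host(url):
    """Lower-cased hostname with any leading 'www.' removed."""
    return (urlsplit(url).hostname or "").lower().removeprefix("www.")

def triage(url, fetch=head_location):
    """Report where a link ends up and which of the article's red flags apply."""
    chain = expand(url, fetch)
    flags = []
    if host(chain[0]) in SHORTENERS:
        flags.append("shortened link hides the destination")
    if host(chain[-1]) in FREE_SITE_BUILDERS:
        flags.append("lands on a free site builder")
    return {"final": chain[-1], "hops": len(chain) - 1, "flags": flags}

# Constructed sample redirect (placeholder alias and page, not real links).
SAMPLE = {"https://tinyurl.com/EXAMPLE-ALIAS": "https://sites.google.com/view/EXAMPLE-PAGE"}

if __name__ == "__main__":
    print(triage("https://tinyurl.com/EXAMPLE-ALIAS", fetch=SAMPLE.get))
```

Passing `fetch=SAMPLE.get` keeps the run offline; leaving `fetch` at its default sends real HEAD requests, which read only the redirect header and never load the destination page.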

When someone comments on, or reacts to, or shares these scam posts, this allows the scammer to scrape your information. You might be retargeted for more scams or phishing attempts over social media. We’ll go into a little more detail later of what’s at risk for you if you fall for a scam.

Now, if you do a little more digging into a scam, you may notice interesting patterns emerge. In our case, all of these pages you see in the screenshots operate out of Indonesia. If you look at the post dates, they’re all within a few days of each other too. Not to mention the page names represent different interests, so it’s not like the scammer is only pushing out one post everywhere. They want a variety so it appeals to different people.

We’ll walk you through one last scam. This one targets those that have a soft spot for animals. What we’ll show you also applies to uncovering other types of scam posts you may encounter on the social media platforms you use.

This particular type of scam is a tactic used by bad actors to see if you’re susceptible to being duped. As we mentioned with the contest/sweepstakes scams, the bad actor has your name and can visit your profile once you comment on, react to, or share their post. With this information they can compile a potential list of people to retarget for an actual scam, now that they know who’s gullible.

With this specific scam involving hurt/abused animals in the screenshot below (warning, this image may be distressing), the only action you are being asked to do is to “bump this post” (make it more visible to others) to help the person find the owner of this dog that was “hit” by a car. They also mention the town, which we redacted.

Facebook post with what appears to be a hurt dog that is part of a scam targeting animal lovers

Here are the red flags:

  • There’s no specific language in the post to indicate a street name or any other way to describe an exact physical location.
  • By asking to share or to comment on the post, the scammer is doing two things. First, they’re getting people to interact with the post which we mentioned allows them to gather a list of names as potential targets for future scams. Secondly the scammer wants people to make the post grow with the intention of having more people interact with it. This in turn allows the scammer’s target list to grow.

How do you discern that a post like this is fraudulent? There are two things we need to dig into: first the image of the dog, and second the account that published the post.

With the image of the dog, we want to see if it shows up on other websites or social media profiles that are suspect, or if there is information warning you about a scam using the picture.

By doing a reverse image search, we see that there are a couple of news articles warning people about scams targeting animal lovers. That’s a big red flag you can’t ignore regarding the social media post you’re examining.

Google Image search results of hurt dog scam

Now that we know the image of the dog is being used to manipulate animal lovers, the next thing to look at is the profile of the person who published the picture.

In the screenshot below is the profile under the control of the scammer. We’ll get to the profile picture in a second, but the thing that should jump out to you is that this person has zero friends and followers. Make a mental note of this.

Fake Facebook profile with 0 friends and 0 followers that is under the control of a scammer

Let’s get into the profile picture and see what we come up with.

This screenshot is the full sized image used in the scammer’s profile picture.

Profile picture used by scammer to create fake Facebook page