Scams Making the Rounds on Facebook

Hey there Internet traveler! Anecdotally we’ve seen an uptick in certain scams making the rounds again on Facebook. We thought we’d break them down for you a little bit and give you a place to explore how to figure out if a post is a scam or not.

Just a warning. Some of the images, while not extremely graphic, could be a little distressing or also a little adulty for some people. Continue at your own discretion.

The scams we’re showing you here, and any others you come across for that matter, all rely on Social Engineering. We’ve talked about this subject in various ways here, here, and here. In short, it’s about tricking people into giving up sensitive information and/or getting someone to do something out of character, like clicking on a malicious link. Phishing is probably the subset of Social Engineering you are most familiar with.

The first scam we’re going to show you is what we consider contest/sweepstakes scams. These scams typically involve winning tickets or high value items, which is already a lure to get someone to act impulsively. The language is key to these scams. It’s meant to deliberately create scarcity and a time constraint. “Only 2 tickets left and the contest ends in three days” is an example of this kind of language because of the limited supply of tickets (scarcity) and the contest ending in three days (time constraint).

In the screenshots below, you’re asked to find certain numbers in the post image and people comment about what they found.

Facebook scam where bad actor is pretending to be a Toyota car dealership telling people they will win a prize

Fake contest scam on Facebook with entity pretending to be a camper/rv organization

Fake Facebook contest with bad actor pretending to be a log home organization

You’re then directed to click on a link to verify your entry. In the fake Toyota contest screenshot, they’ve used one of Facebook’s buttons you can add to a business page to allow people to engage in different actions. The entity controlling this page wants you to click on it. If you’ll notice right below the button, it shows a tinyurl.com link. TinyURL is a link shortening service and these services are often abused by bad actors because they use them to mask the real link of where they want to send you. Scammers also like to use Google Sites because it’s a free application by Google that allows someone to spin up a website quickly at no cost. The scammers want a cost effective solution, so this is a win for them, and by abusing Google’s brand, when someone sees the word “Google” in the website URL they may implicitly trust that what they’re about to click on is safe.
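To make the two link red flags above concrete, here is a small added example (ours for illustration, not code from any tool mentioned in this article) that checks a link's hostname without ever opening it. The host lists are assumed and non-exhaustive, and the sample links are constructed.

```python
from urllib.parse import urlsplit

# Assumed, non-exhaustive host lists. tinyurl.com and Google Sites come from the
# article; the other entries are well-known services of the same kind.
SHORTENERS = {"tinyurl.com", "bit.ly", "t.co", "is.gd"}
FREE_SITE_BUILDERS = {"sites.google.com", "weebly.com", "wixsite.com"}


def host_of(link):
    """Extract the lowercase hostname from a link, with or without a scheme."""
    link = link.strip()
    if "://" not in link:
        link = "https://" + link  # links shown under page buttons often omit the scheme
    return (urlsplit(link).hostname or "").lower().rstrip(".")


def on_domain(host, domains):
    """True only if host is one of the domains or a real subdomain of one."""
    return any(host == d or host.endswith("." + d) for d in domains)


def triage_link(link):
    """Return the set of red flags for a link, without ever fetching it."""
    host = host_of(link)
    flags = set()
    if not host:
        flags.add("unparseable")
    if on_domain(host, SHORTENERS):
        flags.add("shortener")  # the real destination is hidden
    if on_domain(host, FREE_SITE_BUILDERS):
        flags.add("free-site-builder")  # brand in the URL, but anyone can publish
    return flags


# Constructed sample links, not taken from the screenshots in the article.
SAMPLE_LINKS = [
    "tinyurl.com/constructed-entry",
    "https://sites.google.com/view/constructed-prize-claim",
    "https://tinyurl.com.contest.example/verify",  # tinyurl.com is only a prefix: no match
    "https://dealership.example/contact",
]

if __name__ == "__main__":
    for link in SAMPLE_LINKS:
        print(f"{link:55} {sorted(triage_link(link)) or 'no flag from these checks'}")
```

An empty result only means these two checks did not fire; it does not mean the link is safe.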

When someone comments on, reacts to, or shares these scam posts, this allows the scammer to scrape your information. You might be retargeted for more scams or phishing attempts over social media. We’ll go into a little more detail later about what’s at risk for you if you fall for a scam.

Now, if you do a little more digging into a scam, you may notice interesting patterns emerge. In our case, all of these pages you see in the screenshots operate out of Indonesia. If you look at the post dates, they’re all within a few days of each other too. Not to mention the page names represent different interests, so it’s not like the scammer is only pushing out one post everywhere. They want a variety so it appeals to different people.

We’ll walk you through one last scam. This one targets those that have a soft spot for animals. What we’ll show you also applies to uncovering other types of scam posts you may encounter on the social media platforms you use.

This particular type of scam is a tactic used by bad actors to see if you’re susceptible to being duped. As we mentioned with the contest/sweepstakes scams, the bad actor has your name and can visit your profile once you comment on, react to, or share their post. With this information they can compile a potential list of people to retarget for an actual scam, now that they know who’s gullible.

With this specific scam involving hurt/abused animals in the screenshot below (warning, this image may be distressing), the only action you are being asked to do is to “bump this post” (make it more visible to others) to help the person find the owner of this dog that was “hit” by a car. They also mention the town, which we redacted.

Facebook post with what appears to be a hurt dog that is part of a scam targeting animal lovers

Here are the red flags:

  • There’s no specific language in the post to indicate a street name or any other way to describe an exact physical location.
  • By asking to share or to comment on the post, the scammer is doing two things. First, they’re getting people to interact with the post which we mentioned allows them to gather a list of names as potential targets for future scams. Secondly the scammer wants people to make the post grow with the intention of having more people interact with it. This in turn allows the scammer’s target list to grow.

How do you discern that a post like this is fraudulent? There are two things we need to dig into: the image of the dog and the account that published the post.

With the image of the dog, we want to see if it shows up on other websites or social media profiles that are suspect, or if there is information warning you about a scam using the picture.

By doing a reverse image search, we see that there are a couple of news articles warning people about scams targeting animal lovers. That’s a big red flag you can’t ignore regarding the social media post you’re examining.

Google Image search results of hurt dog scam

Now that we know the image of the dog is being used to manipulate animal lovers, the next thing to look at is the profile of the person who published the picture.

In the screenshot below is the profile under the control of the scammer. We’ll get to the profile picture in a second, but the thing that should jump out to you is that this person has zero friends and followers. Make a mental note of this.

Fake Facebook profile with 0 friends and 0 followers that is under the control of a scammer

Let’s get into the profile picture and see what we come up with.

This screenshot is the full sized image used in the scammer’s profile picture.

Profile picture used by scammer to create fake Facebook page

From there we searched the image in Yandex’s image search. See the screenshot below.

Returned image search results for fake Facebook page profile picture using Yandex search engine

Some of the results show the picture of our target image published on dating sites. We also have a name to look into, Alexis Texas (Warning, if you do search the name, Alexis Texas is an adult film star). There’s also a German site stating that the image is from a romance scam and it’s a fake profile. That’s interesting.

Shall we take a look at Google Images?

If we search the image on Google Images, we see a hit for a site called romancescam.com with a post titled “Scammers with pictures of Alexis Texas – Page 2”.

Google Image Search results for profile picture used in fake Facebook page

That’s the second time we’ve seen this name and also the second time we’ve seen some site about romance scams where the profile picture of the woman pops up.

Browsing to the linked result in Google, this is the page on romancescam.com where the picture of Alexis Texas appears.

romancescam.com results showing exact stolen image used to create a fake Facebook account

Those creating fake accounts like to steal images from “influencers” on Instagram, adult film stars/OnlyFans accounts, local celebrities, or anyone that has usable pictures that are publicly accessible.

Based on the findings we uncovered by picking apart the post image, how the user’s profile is composed, and picking apart the user’s profile picture, we are confident what we observed is a scam.

We are living in a time where we must be vigilant with the content we consume because there are real life consequences if you engage with the wrong person. Things like identity theft (not just the financial kind), account takeovers, and drained bank accounts happen. If you’re looking for a relationship, you may encounter a catfish, which raises the concern of getting scammed, of the other person not planning to commit to the relationship, or, if you do meet in person, of putting yourself in harm’s way.

How do social media scams affect an organization?

They can A) muddy communications with disinformation, B) drive traffic away from your business, or C) use it as an opportunity to extract sensitive information of people in the communities you serve. We can also get into intellectual property issues like stolen logos and other marketing material showing up in places you didn’t authorize. If you’d like to read more, check out our article on how social media undermines your organization’s security.

Some steps to take (Note: these steps aren’t exhaustive)

If you run into this stuff on the social media platforms you use:

  • Take a step back and ask yourself why you’re feeling compelled to engage with the post.
  • Look for the red flags we mentioned to see if what you’re observing is fake.
  • If it is fake, report the post on the social media platform you’re using.
  • Report scams to the Federal Trade Commission at https://reportfraud.ftc.gov/

How we help

Personal services:

  • Training on how to develop the skills needed to confidently identify fake posts and accounts.
  • Digital footprint reviews to see if anything from your social media platforms is being abused.
  • Identity theft prevention and restoration services.

Business services:

  • Our external risk/threat assessments will help identify if someone is impersonating your organization and/or key members of your company. This would include looking for social media scams using your brand.

Reach out to us using the contact form below for a free strategy call to see how we can help you, your family, or organization. Also, if you have an interesting story to share on this topic, drop us a line.

Finally, while you’re here, sign up for our free cybersecurity and research newsletter with this link https://bsquaredintel.com/newsletter-signup/

Please fill out the form below, or call 203.828.0012, to learn how bsquared intel can assist you.
