Hey there Internet traveler! Anecdotally we’ve seen an uptick in certain scams making the rounds again on Facebook. We thought we’d break them down for you a little bit and give you a place to explore how to figure out if a post is a scam or not.
Just a warning. Some of the images, while not extremely graphic, could be a little distressing or also a little adulty for some people. Continue at your own discretion.
The scams we’re showing you here, and any others you come across for that matter, all rely on Social Engineering. We’ve talked about this subject in various ways here, here, and here. In short, it’s about tricking people into giving up sensitive information and/or getting someone to do something out of character like clicking on a malicious link. Phishing is probably the subset of Social Engineering you are most familiar with.
The first scam we’re going to show you is what we consider contest/sweepstakes scams. These scams typically involve winning tickets or high value items, which is already a lure to get someone to act impulsively. The language is key to these scams. It’s meant to deliberately create scarcity and a time constraint. “Only 2 tickets left and the contest ends in three days” is an example of this kind of language because of the limited supply of tickets (scarcity) and the looming end of the contest (time constraint).
In the screenshots below, you’re asked to find certain numbers in the post image and people comment about what they found.
You’re then directed to click on a link to verify your entry. In the fake Toyota contest screenshot, they’ve used one of Facebook’s buttons you can add to a business page to allow people to engage in different actions. The entity controlling this page wants you to click on it. If you’ll notice right below the button, it shows a tinyurl.com link. TinyURL is a link shortening service, and these services are often abused by bad actors to mask the real link of where they want to send you. Scammers also like to use Google Sites because it’s a free application by Google that allows someone to spin up a website quickly at no cost. The scammers want a cost effective solution, so this is a win for them. They are also abusing Google’s brand: when someone sees the word “Google” in the website URL, they may implicitly trust that what they’re about to click on is safe.
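One way to see where a shortened link really leads without opening it in a browser, as an added example that is not part of the original post: the sketch below follows redirects using header-only HEAD requests and reports the red flags described above. The function names, the host lists and the sample URLs are assumptions made for illustration.

```python
import http.client
from urllib.parse import urlsplit, urljoin

# Assumed host lists for illustration; extend them for your own triage.
SHORTENERS = {"tinyurl.com", "bit.ly", "t.co"}
FREE_BUILDERS = {"sites.google.com"}
REDIRECTS = {301, 302, 303, 307, 308}

def head_request(url, timeout=5):
    """Send one HEAD request; return (status, Location header or None).
    Only headers are fetched, so the destination page is never rendered."""
    p = urlsplit(url)
    cls = (http.client.HTTPSConnection if p.scheme == "https"
           else http.client.HTTPConnection)
    conn = cls(p.hostname, p.port, timeout=timeout)
    try:
        conn.request("HEAD", (p.path or "/") + ("?" + p.query if p.query else ""))
        resp = conn.getresponse()
        return resp.status, resp.getheader("Location")
    finally:
        conn.close()

def expand(url, head=head_request, max_hops=5):
    """Return every URL visited, from the link as shown to the final hop."""
    chain = [url]
    for _ in range(max_hops):
        status, location = head(chain[-1])
        if status not in REDIRECTS or not location:
            break
        chain.append(urljoin(chain[-1], location))  # handles relative Location
    return chain

def red_flags(chain):
    """Describe why a resolved chain deserves suspicion."""
    first = (urlsplit(chain[0]).hostname or "").lower()
    last = (urlsplit(chain[-1]).hostname or "").lower()
    notes = []
    if first in SHORTENERS:
        notes.append("shortener masks the real destination")
    if last in FREE_BUILDERS:
        notes.append("free site builder: anyone can publish under this brand")
    if first != last:
        notes.append(f"link shows {first} but lands on {last}")
    return notes

if __name__ == "__main__":
    # Constructed hops standing in for live responses, so this runs offline.
    hops = {"https://tinyurl.com/EXAMPLE":
            (301, "https://sites.google.com/view/example-contest")}
    chain = expand("https://tinyurl.com/EXAMPLE", head=lambda u: hops.get(u, (200, None)))
    print(chain, red_flags(chain))
```

Some services answer HEAD requests differently from normal page loads or show a preview page first, so treat an unexpanded chain as "unknown", not as "safe".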
When someone comments on, reacts to, or shares these scam posts, this allows the scammer to scrape your information. You might be retargeted for more scams or phishing attempts over social media. We’ll go into a little more detail later about what’s at risk for you if you fall for a scam.
Now, if you do a little more digging into a scam, you may notice interesting patterns emerge. In our case, all of these pages you see in the screenshots operate out of Indonesia. If you look at the post dates, they’re all within a few days of each other too. Not to mention the page names represent different interests, so it’s not like the scammer is only pushing out one post everywhere. They want a variety so it appeals to different people.
We’ll walk you through one last scam. This one targets those that have a soft spot for animals. What we’ll show you also applies to uncovering other types of scam posts you may encounter on the social media platforms you use.
This particular type of scam is a tactic used by bad actors to see if you’re susceptible to being duped. As we mentioned with the contest/sweepstakes scams, the bad actor has your name and can visit your profile once you comment on, react to, or share their post. With this information they can compile a potential list of people to retarget for an actual scam, now that they know who’s gullible.
With this specific scam involving hurt/abused animals in the screenshot below (warning, this image may be distressing), the only action you are being asked to do is to “bump this post” (make it more visible to others) to help the person find the owner of this dog that was “hit” by a car. They also mention the town, which we redacted.
Here are the red flags:
- There’s no specific language in the post to indicate a street name or any other way to describe an exact physical location.
- By asking to share or to comment on the post, the scammer is doing two things. First, they’re getting people to interact with the post which we mentioned allows them to gather a list of names as potential targets for future scams. Secondly the scammer wants people to make the post grow with the intention of having more people interact with it. This in turn allows the scammer’s target list to grow.
How do you discern that a post like this is fraudulent? There are two things we need to dig into: first the image of the dog, and second the account that published the post.
With the image of the dog, we want to see if it shows up on other websites or social media profiles that are suspect, or if there is information warning you about a scam using the picture.
By doing a reverse image search, we see that there are a couple of news articles warning people about scams targeting animal lovers. That’s a big red flag you can’t ignore regarding the social media post you’re examining.
Now that we know the image of the dog is being used to manipulate animal lovers, the next thing to look at is the profile of the person who published the picture.
In the screenshot below is the profile under the control of the scammer. We’ll get to the profile picture in a second, but the thing that should jump out to you is that this person has zero friends and followers. Make a mental note of this.
Let’s get into the profile picture and see what we come up with.
This screenshot is the full sized image used in the scammer’s profile picture.
From there we searched the image in Yandex’s image search. See the screenshot below.
Some of the results show the picture of our target image published on dating sites. We also have a name to look into, Alexis Texas (Warning, if you do search the name, Alexis Texas is an adult film star). There’s also a German site stating that the image is from a romance scam and it’s a fake profile. That’s interesting.
Shall we take a look at Google Images?
If we search the image on Google Images, we see a hit for a site called romancescam.com with a post titled “Scammers with pictures of Alexis Texas – Page 2”
That’s the second time we’ve seen this name and also the second time we’ve seen some site about romance scams where the profile picture of the woman pops up.
Browsing to the linked result in Google, this is the page on romancescam.com where the picture of Alexis Texas appears.