In recent months, a surge of online scams has been targeting Facebook users, with scammers posing as representatives of the social media platform itself. These scams aim to phish users’ account credentials and in some cases, even impersonate lawyers from legal firms to extract more money from victims. My recent investigation has shed light on the tactics used by these scammers including their approximate operation locations, and the alarming rate at which they are operating.
The Scam: A Closer Look
The scam typically begins with a fake profile claiming to be from Facebook, reporting user violations and threatening to suspend or terminate the victim’s account. The scammer then contacts the user, posing as a representative of Facebook, and sends them to a site that looks like Facebook to ask for their account credentials to “verify” their account. Once the user provides their login information, the scammer gains access to their account and can use it for malicious purposes.
A Personal Experience
A relative recently fell victim to this scam, with the scammer changing their profile photo to a Hamas flag before Facebook took down the account. Fortunately, the account was recovered. This prompted me to setup an operation that lead to some details on the fraud syndicate.
The Investigation
To gather more information about the scam, I played along with one of the scammers who claimed to be a lawyer from a legal firm specializing in recovering accounts from scammers. The scammer used a phishing site hosted by gname dot com, a provider based in Singapore that has been known for allowing the hosting of scams and phishing sites for over two decades.
The Fake Legal Front
The scammer also impersonated a lawyer, using images of actual bar certificates to appear legitimate. They promised to help victims recover damages from online scammers, but instead asked for remittance records from money exchange places where the scam took place. This was an attempt to extract more money from the victim.
The Report
I have documented the entire process, including IP addresses of the scammers, which were traced to locations in Sweden and Hong Kong. A report was faxed to the Federal Trade Commission (FTC) and the FBI’s National Cyber Investigative Joint Task Force, but no response has been received yet whence of this writing.
Conclusion
The rise of online social media scams is a growing concern, and Facebook users need to be aware of the risks. By being cautious and vigilant, users can protect themselves from falling victim to these scams. It is essential to verify the authenticity of any messages, posts or emails claiming to be from Facebook, and never provide account credentials to unknown individuals. Facebook will never message or post you about usage violations. Instead they will provide you a message about usage violations in ways that users on Facebook cannot. Such as direct and private notifications to you only.
Stay Safe Online
To avoid falling victim to online social media scams, follow these tips:
- Be cautious of messages or emails claiming to be from Facebook, especially those asking for account credentials or asking you to login with your credentials even if the site looks like Facebook’s login screen.
- Verify the authenticity of any messages or emails by contacting a relative or friend that is more computer savvy or informed.
- Never provide account credentials to unknown individuals. Never login to a Facebook looking site especially if you are already logged in.
- Keep your account information up to date and secure with two factor login verification and changing your password after suspected account compromises.
Report any suspicious activity to Facebook and relevant authorities.
By being aware of the risks and taking necessary precautions, Facebook users can protect themselves from online social media scams and stay safe online.
