Facebook is a social meeting place for millions of people around the world. Moreover, it is a paradise for fraudsters, data collectors, spammers and users who would like to get a chain letter rolling.
Cyber criminals often exploit the inexperience of Internet users and spread malware. In this article, we show you the six biggest threats on Facebook.
Fake friends ask for your phone number
With this nasty scheme, Internet scammers copy the profile of many Facebook users.
The copied profile looks so real that it is difficult to distinguish from the original. Let us assume that you are friends with an “Andreas”, a friend you have known for some time now. This “Andreas” suddenly writes you a message via messenger and asks you for your mobile number, because he has lost his phone.
You are used to both the name and the profile picture, because it is about “Andreas”, your friend. However, beware! This is not “Andreas”, but a scammer who copied Andreas’s profile 1:1.
The problem: Most users only realize too late that they are communicating with scammers and NOT with their real friends. After “Andreas” has your mobile phone number, we start. You will receive a text message on your smartphone. This “Andreas” will then ask you about the content. This is a transaction code.
This is what is going on in the background: Unknown individuals hack or imitate a Facebook account from the friends list of future victims. They contact the trusting victims and ask them for their mobile phone number. With the mobile phone number, services are purchased from so-called third-party providers, usually game credits or similar. Via the contact to the victim, the perpetrator then receives the transaction codes sent by SMS, which he needs to unlock the credit.
Questionable messages with links to the “Is that you” videos
With this trick, you will get a message with a link from one of your contacts in your friends list, they “claim” that you are in the video.
They usually use a YouTube logo for it, which serves as a preview image. YouTube because almost everyone knows YouTube. There are two scenarios:
- A) If you follow the link, you will end up on a website with a login form that looks like it is from Facebook. Out of curiosity, because of course you want to see yourself on YouTube, you enter your login data. Beware: this page is not a real Facebook page. Internet scammers faked this login page. The aim of the scammers is to get YOUR access data for your private profile on Facebook with this mesh. Once entered and the data lands in the hands of the scammers and you probably will not have access to your account anymore, because the scammers would change the password immediately. However, that is not all. If you are also an admin of various sites and groups that are connected to your private profile, then these would probably also be taken over.
- B) Another trick is to follow the link and be asked to install a so-called browser extension. In many cases, it is an alleged “video player”, which is now necessary to watch your video. However, beware! This browser extension does not do you any good, because these extensions require full access to your Facebook account and write status messages and send messages to your entire friends list (so the message has also come to you, so please warn the friend from whom you received it!).
How can I work around this?
A) First, listen to your gut feeling and always ask your friend first if he sent this message before you click on a link. Never enter your login data in dubious form fields outside of Facebook (always look for the domain/URL in the browser line), even if they look like Facebook.
B) If you have already fallen into the trap, let your computer search and then remove the harmful browser extension and check if there are extensions or add-ons in the browser that you did not install or don’t recognize.
Data collectors on the move. Subscription traps possible.
Sweepstakes here, sweepstakes there… Facebook is always full of dubious sweepstakes, mostly on weekends.
The prices are always very high quality. An iPhone, a great car, a food processor or even a great house. Even cigarettes or shopping vouchers from various renowned retailers are also very popular.
Many things are supposed to be easy to win. Usually it is enough to “liken”, “share” and at the end add a “comment” to the entry. If these pages have once achieved thousands of fans, which is usually the case with such sweepstakes, a new status contribution will be created and the user will be informed that he may now complete the participation.
And who doesn’t? Who wouldn’t like to receive such a great prize so easily? In order to complete the participation, the user now “only” has to follow a link. It all starts now. If one follows the link, then one lands on a contest form. You will be asked for your full name, your home address, your e-mail address and your telephone number.
What the majority of users like to ignore is the small print. It says there that you agree with the fact that you can be informed about further offers by many companies by post, telephone, e-mail or SMS. In other words, it is about your DATA. Your data will be traded or sold and are worth a lot of money.
It has to be stated at this point, that the prize promised on Facebook will never come about. They only served as a lure to generate many fans, to fill out the mentioned competition form.
How can I avoid this?
Nobody will give anything away just for the fun of it. Listen to your gut feeling and always look into the “info” of a Facebook page. You can recognize ominous raffles, for example, when you read: “Press on “like” and you will be in our lottery pot!” as well as “Whoever shares the post has more chance to win!” and then “The page -Name-of-the-Page- must be marked with “like”!
Another distinguishing feature is if the following contents are not available: The owner of the page or a contact person, the legal notice and a contact option. Important are also the conditions of participation and the so-called “exemption from Facebook”. All these elements must be easy to find in serious competitions.
Marriage scam or romance scam (advance payment fraud)
In this scam, fraudsters are targeting female user profiles.
Contact is usually established via Facebook Messenger. In modern Internet language, this is called “scamming”, but in Germany and Austria it is also known as “advance payment fraud”.
This fraud appeals to the kindness of a human being. They promise great love. There is a particularly high emotional stress associated with this form and it has only one goal: to pull the money out of the “lover’s ” pocket.
At first the victims are wrapped with attention, kindness and other charming tricks. Once the scammers have established a friendship or potential love relationship, they go a step further. They pretend to need money for a certain thing (mostly emotional content, e.g. money for an important operation, stolen suitcases and passports, unpaid wages etc.) and have a good chance to get the demanded money from the virtual “partner”, because they are already emotionally bound at this point.
Another popular scam is the one with a false identity. The scammer pretends to be an American soldier on a foreign mission and pretends not to get his money. The victim should kindly transfer money via Western Union or MoneyGram with the promise that he will get it back as soon as possible. One of the trickiest things about this is that they sometimes make phone calls to the victim in order to make the personal relationship even closer. Skype or prepaid mobile phones are used here, where it is no longer possible to trace who the owner is.
How can I avoid this?
Never transfer money to a person whom you have never met or seen face-to-face! Internet friends who ask you for money or make other demands are always suspicious. Your gut feeling usually tells you right from the start when something has a suspicious aftertaste.
Credit spammers are often found on Facebook.
They lure users, who are generally in a difficult financial situation, with dubious posts and offers into a trap. These scammers proceed as follows: They repeatedly leave contributions and comments such as this (sample) in their profile as well as on pages and especially in Facebook groups:
“Apply for a quick and convenient credit to pay bills, Christmas loans, mortgages, consolidation loans and start a new business or refinance your projects at a favorable interest rate of 3%. Make contact us today about: Enduranceloanfirm9@gmail.com with credit amount required.”
These offers are primarily aimed at users who can no longer obtain credit from their house bank. These profiles indicate that they have their own capital, that they grant personal loans and this at a lucrative interest rate and with an insane term. This scam, just like the marriage scammers, is a so-called advance fraud!
If a user reacts, personal data and a copy of the passport are required from them relatively quickly. The creator of the “credit offers” is not concerned with the procurement of cheap credits, but shamelessly exploits the situation of a person. Additional costs occur and if you do not pay attention here, you are suddenly bound to contracts that have nothing to do with a loan. For example, one case involved a loan amount of 1,900 EUR. However, the user should first transfer 180 EUR Euro.
An amount of 180 EUR should have been meant as a handling fee. The problem is that many people are so desperate that they don’t even recognize the scam and pay 180 EUR for it. If you need a loan, you should ALWAYS go to your bank! If the bank refuses to grant you a loan, you will normally not get a loan anywhere else and certainly not on Facebook!
How can I avoid this?
Once again: Please listen to your gut feeling! With dubious credit offers on Facebook, you can be sure that scammers are behind them. Do not give your personal data to strangers.
Fake Facebook Security threatens to block your account
With this scam, Internet fraudsters create false profiles and/or pages and pretend to be “Facebook Security”.
Messages or status posts in which you are “tagged”, indicate that you have allegedly violated Facebook guidelines. The message threatens to block or block the user’s account.
It is never a good sign when Facebook Security contacts you. The user becomes insecure and follows the instructions of the fake “Facebook Security”.
They mentioned in the message or in the post that you can avoid a block by following a link. By doing so you can allegedly “confirm” your account. However, what happens then has nothing to do with Facebook, because the user is redirected to a website that contains a fake Facebook login form.
Many users confirm their account here out of fear and enter their e-mail address and their Facebook password into the form. Once you have entered it, the access data ends up in the hands of the scammers and you probably won’t be able to access your profile again anytime soon, because the scammers would change your password immediately. Not only that. If you are also an administrator of various sites and groups that are connected to your private profile, then these would probably be taken over as well.
How can I avoid this?
Yes, there is an official “Facebook Security” but it would never mark you on Facebook and tell you that you have breached the rules. Replicated accounts often have special characters in their names to prevent them from being found and banned from Facebook. For example, the name “Fâcebøøĸ Séƈurîƚy”. Therefore, anyone who encounters strange characters in the name of the alleged security can be quite sure that it is a message from scammers. One more tip: You should report the corresponding profile or page to Facebook.