The 10 Biggest Facebook Scams & How To Avoid Them

With over a billion people signed up, smarter Facebook scams are on the rise. Some Facebook scams are pretty harmless hoaxes designed to make you look silly by prompting users to repeat incorrect information. These posts often claim that Facebook will start charging for accounts, or that the company will “steal” your personal information unless you repost a particular notice.

But other Facebook scams can cause problems that have serious long-term ramifications, such as hijacking your account to send out spam, stealing your personal information, or even installing a virus on your computer.

Facebook scammers need to stay ahead of the game to keep up their nefarious ways. Although the methods used by scammers are constantly changing, there are a few basic ways to breach your security:

  • Phishing & Identity Theft: These scams aim to hijack your Facebook account by luring you to a webpage designed to look like an official part of Facebook, where you’ll be asked for personal information, and even your login.
  • Malware & Spyware Infested Links: Similar to phishing, these scams lure you into clicking on a link, or pasting a code into your browser, that activates malware such as viruses or keyloggers. Clicking the link will install viruses or malicious programs capable of searching for passwords and usernames stored on your computer.
  • Clickjacking: Users are lured into clicking a post that links to a page outside Facebook and then asks for another action, such as confirming you are over 18. Clicking the second link starts the downloading of harmful malware onto your computer.
  • 419 Advance Fee & Romance Scams: These scams involve convincing you to send money for any variety of reasons, including collecting a lottery prize or earning income off of a fake investment.
  • Share Baiting: A way for scammers to trick people into sharing content under the false promise that you may get something in return.

Popular Facebook Scams in 2015

Think you’re too smart to fall for a spyware scam or identity theft? Facebook scammers are constantly finding new and creative ways to reach unsuspecting users. Here are some of the most popular ways we’re finding that scammers phish, spam, install spyware or try to steal money using Facebook in 2015:

1. Free Giveaways

From gift cards to tablets, smartphones, laptops, and even Disneyland tickets or game points, Facebook scammers know that the easiest way to get you to click on a link is by offering up some expensive goods for free.

An example of a free Facebook giveaway

These bogus giveaways appeal primarily to bargain hunters, and account for 16.5% of Facebook scams this year.

More than a nuisance, clicking a link for a “Free iPhone 6!” can potentially open you up to phishing, identity theft, and depositing dangerous malware on your computer.

How to avoid this scam? Beware of Facebook freebies! 

It’s pretty rare for companies to give away stuff on Facebook, and if they do, the prize will be listed on their company’s Facebook page. If you don’t see it there, definitely steer clear.

2. Viral Videos

Sneaking a peek at exciting videos is always tempting, especially if it’s shocking, scandalous or racy! However, many of the videos popping up on Facebook walls aren’t videos at all, but are scams designed to automatically download malware and viruses.

If you click the link to watch, you’ll be asked to update your video player. The scammers are hoping that you’ll think this is an authentic Facebook message and that the plugin you’re being asked to download is legit.

An example of a Facebook viral video scam

By agreeing to “upgrade,” you’ll download and install the virus through what’s called a “rogue plugin.” It also shares the scam automatically with your friends so the virus spreads.

If you’ve been duped by a viral video, you’ll need to complete a system scan to remove any viruses, and to double check that any malicious add-ons have been removed from your browser.

How to avoid this scam? Always double check the web address before clicking “agree” to ensure that any plugins and updates you install are legit.

3. Customize Your Profile

Another Facebook scam uses clickjacking to con you into installing a malicious app by promising “new and improved” changes to your Facebook account. This might include seeing who’s friended you, updating the layout of your page, or adding a “dislike” button.

The promised layout designs or features may change, but the scam is the same. Facebook scammers often insert malware or adware into these plugins, and by clicking “yes,” you’ll give the scammer access to your personal data and friends, as well as potentially expose your computer to viruses.

How to avoid this scam? Keep in mind that there’s no official way to change your Facebook layout, or to affect how others see your profile beyond your privacy settings. If you’re really craving Facebook customization, check out Gratisography for some cool cover photo options instead.

4. Who’s Been Viewing Your Profile (Or Blocked It!)

The biggest scam on Facebook, accounting for 30% of spam links, plays right into our egos by promising to show who has been viewing your profile, or who’s blocked you from seeing theirs. The appeal makes sense; after all, who wouldn’t want to know whether or not their ex just can’t stop checking their updates?

An example of “Who's Been Viewing Your Profile” scam

Facebook has made it clear several times that this tactic is a scam. There’s no way for any app to show you who has visited or blocked your profile, because Facebook simply doesn’t share that information with developers.

While your intentions might be harmless, the hoax isn’t. The link is likely infested with malware or spyware, and clicking it can expose your computer to viruses that affect its performance until removed.

How to avoid this scam? Refrain from clicking any link that promises to show you who has viewed or blocked your profile. If you really need to know who is checking you out the most, a safe (yet not exact) way is to look at your “Friends” list — those at the top have the most frequent contact with your profile.

5. Fake Messages From Facebook

In a phishing attempt to gain access to Facebook users’ accounts, Facebook scammers send out a bogus message that looks something like this:

“Your account is reported to have violated a policy that is considered disruptive or insulting Facebook users. We will deactivate your account within 12 hours after you open this message if you do not confirm such reproductions. Please confirm your facebook account below:

If you still want to use your account, please confirm your facebook account below:

apps[dot]facebook[dot]com/-security-services/

(If the link is not clickable, try copy it into your browser.)

Note: we recommend to facebook users, asked to filling data that are complete and very accurate because we are from http://www.facebook.com/security team can ensure that the ownership of the account actually exists in your control and no that is using your Facebook account without permission.

Facebook Security™”

Facebook scammers use the authentic link to Facebook Security to make their ruse appear more legit. However, a big red flag is that the verification link directs users to a third-party website.

An example of a fake message from Facebook

Facebook users who fall for the ploy will be directed to an external website designed to look just like a Facebook page, such as the one above, where you’ll be prompted for your login credentials and other personal information.

How to avoid this scam? Remember that your personal information, even login info, is valuable! Before you enter any of your information, take a moment to verify that you are actually on a Facebook page.

If you have fallen for a fake Facebook security message, it’s likely your account has been hacked. To reclaim your account, check out: Four Things you need to do if your Facebook account gets hacked.
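The “verify that you are actually on a Facebook page” check above can be made mechanical. This is an added example, not code from the article or from Facebook: it parses a link the way a browser does and judges it by hostname only. The function names, the category labels, and the treatment of apps.facebook.com as a third-party app host are assumptions of the example.

```javascript
// Added example: decide whether a link really points at Facebook by parsing
// it the way a browser does and looking only at the hostname.
const FACEBOOK_DOMAIN = "facebook.com";
// Assumption: pages under apps.facebook.com are third-party app pages,
// consistent with the article's description of the quoted link.
const THIRD_PARTY_APP_HOSTS = new Set(["apps.facebook.com"]);

// Undo the "[dot]" defanging used when scam links are quoted in articles.
function refang(text) {
  return text.trim().replace(/\[dot\]/gi, ".");
}

function classifyLink(rawLink) {
  let candidate = refang(rawLink);
  // Links pasted without a scheme still need one to be parsed as a URL.
  if (!/^[a-z][a-z0-9+.-]*:\/\//i.test(candidate)) {
    candidate = "https://" + candidate;
  }
  let url;
  try {
    url = new URL(candidate);
  } catch (err) {
    return "invalid";
  }
  if (url.protocol !== "http:" && url.protocol !== "https:") return "invalid";

  // url.hostname is lower-cased and excludes any "user@" prefix.
  const host = url.hostname.replace(/\.$/, ""); // drop a trailing root dot
  if (THIRD_PARTY_APP_HOSTS.has(host)) return "third-party-app";
  // Match the domain itself or a true subdomain, never a mere substring.
  if (host === FACEBOOK_DOMAIN || host.endsWith("." + FACEBOOK_DOMAIN)) {
    return "facebook";
  }
  return "not-facebook";
}

// Sample links: the second is the defanged link quoted in the article; the
// rest are constructed for this example (.example is a reserved TLD).
const SAMPLE_LINKS = [
  "https://www.facebook.com/security",
  "apps[dot]facebook[dot]com/-security-services/",
  "http://facebook.com.account-verify.example/login",
  "https://www.facebook.com@login.example/checkpoint",
  "https://WWW.FACEBOOK.COM./help",
  "not a url",
];

for (const link of SAMPLE_LINKS) console.log(classifyLink(link).padEnd(16), link);
```

Seeing “facebook.com” somewhere in the address is not enough; only the hostname the browser actually connects to counts.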

6. Free Facebook Credits

Since the popularity of Facebook games such as Farmville has increased, this sharebaiting scam has hit Facebook full force. The popular lure promises users Facebook credits (that cost real money) for free.

The scam works by requiring that you “like” multiple items and that you share posts on your Facebook wall. This is how the scam spreads rapidly and exposes all of your friends to the faulty information.

When you’ve followed their instructions and click to finally claim your credits, Facebook scammers will often require you to fill out a survey that’s meant to scrape your personal information.

How to avoid this scam? Be suspicious of special offers that require you to like multiple items or share posts on your Facebook wall.

7. Urgent Pleas For Help

As we’ve shown, scammers spend plenty of time trying to gain access to your profile. Is it because your private messages are really so interesting?

Not quite. Instead, this popular “romance” scam starts by a scammer gaining access to a Facebook account using one of the methods above.

Then, they’ll post a plea for help on your Facebook page. They may even go so far as to change your username and password, locking you out of your own Facebook page. Here's the worst part of this Facebook scam: they then go on to send out messages to all your Facebook friends asking for money and stating that you are in dire need and need the money right away.

Similarly, if you get a message from a friend saying he or she has been robbed somewhere abroad and is left with no phone, passport or money and then asks you for help, beware! Your friend’s account has probably been hijacked by scammers.

How to avoid this scam? This scam preys on our best intentions: the desire to help our friends and family. But before you send, verify the message is legit by asking your mutual friends if they received an identical message.

8. The Subscriptions Scam

Facebook scammers will use any means necessary to lure you to a page, including the promise of nude celebrity photos, tantalizing information, or the possibility of winning a prize.

Before you can read, watch, or enter to win, however, you’ll be asked to complete a series of actions that will include entering your mobile number and credit card details. The scammer then subscribes you to a service, resulting in regular fees deducted from your credit card account, or even maliciously increasing the charges to your mobile phone plan.

How to avoid this scam? Never, ever enter your credit card information or phone number into any form you find on Facebook! If you’re interested in viewing a particular website that charges for access, go to that site directly and double check for a web address that begins with “https”, indicating a secure site.

9. The Self-XSS Scam

This scam has gotten so big that even Facebook warns users not to be duped by this self-inflicted dud.

Called the “Self-XSS Scam,” it’s designed to trick you into giving away access to your Facebook account so that a scammer can post and comment on your behalf.

The scam starts when someone mentions you in a post claiming you can hack any Facebook account, win free Facebook credits, or any other way scammers can find to tempt your cooperation. Unlike other scams that require you to simply click, here the scammer will provide detailed instructions on how to copy and paste malicious code into your browser’s JavaScript console:

An example of the Self-XSS Facebook scam

Performing these actions allows developers of the scam access to your Facebook page and account information. If you’ve been tagged by a friend, that person has likely fallen for the scam themselves, and the scammers are using their account to attract more people.

How to avoid this scam? It’s pretty simple — most people never need to access their browser’s console. Should you be asked to do so, know that it’s very likely a scam.

10. Facebook Will Donate For “Likes”

Scammers circulate photos of sick children, animals in need of help, or pledges to donate, with the claim that Facebook will donate money for each like or share the photo receives.

The photos go viral as many people think that if there’s the slightest chance it could be real, not helping would be wrong. As good as those intentions may be, Facebook does not use its audience for fundraising, and has even publicly stated as much.

Sometimes the scam changes to state it’s another company doing the donating. However, companies who have philanthropic intentions rarely capitalize off their good deeds by asking for attention (and if they did, would you really want to further their cause?)

So what’s the harm? Often the photos or stories are of real people who did not give their permission to have their private tragedy exposed to the public. Circulating these images might not result in malware, but it does feed into what the scammers want instead of furthering a good cause.

How to avoid this scam? If you see something that makes you want to help, search online for the official website for the organization or cause.

Protecting Yourself From Future Scams

The Facebook scams listed above are bound to evolve into newer and trickier attempts to swindle your information. To stay safe, here are some practical tips that can help you avoid even the most appealing attempts on your security:

  1. Don’t Click That Link! When in doubt, simply don’t take the bait. This holds true even for private messages, status updates or offers. If you’re really tempted, contact the person who posted it and ask if the share was intended.
  2. Keep Your Anti-Virus Programs Up To Date. Just like real-life viruses, computer malware adapts to stay ahead of safety guards. It’s a never ending race that requires your software to be constantly updated in order to keep you safe.
  3. Set Your Facebook Privacy Settings. Limit who can view your profile info, email address, birthday, home address, pictures and updates to friends only by changing these settings to private. You can edit application settings by clicking on the appropriate drop down option under the account button.
  4. Limit the information you post on your profile. Don’t post sensitive information such as your home address, mobile number, home phone number, etc. if you want to make sure that it won’t be used against you by scammers.

Finally, Facebook scams sometimes spread because users don’t take the time to check their facts before clicking! If you recognize a scam, be sure to call it out to your family and friends (but be nice!). Also, be sure to report any suspicious pages or links to Facebook itself. The site includes the option to do so in every drop down menu associated with a post or page.

Warning others and reporting scams to Facebook are the biggest ways to help stop a scam in its tracks. If you know someone who’s regularly duped, share this article with them to help spread the word on how to stay safe on Facebook!


Autumn Yates

Autumn draws from a reporting background and years of experience working remotely, while living abroad, to focus on topics in travel, beauty, and online safety.

