
New Facebook Scam “Means Business”

This one targets Facebook fan pages and business profiles tagged inside your posts. It tried to scam one of my Wise Choices™. The twist: only my client could see it.

The text to my phone caught me off guard. Four words: “What in the world…?”

It was a text from Tracy Hill, interior designer and co-owner with her husband Bill of #WiseChoice Interior Transformations/Hillco Construction. She had just seen the comment you see in the screenshot above: “…Fan page post…contains misleading content and shares inaccurate information…”

The comment was added to a Facebook post I had just launched on my Wise Choices™ Facebook page about the Hills’ company. The post was promoting their company’s consumer protection credentials.

I told Tracy not to click on or respond to the comment. Let me check it out first. I pulled up the post and scrolled down to the comment section.

There was nothing there.

I texted Tracy to tell her there was no comment there. She replied that she was looking right at it on her computer. She sent me a second screenshot. There it was — on my Facebook page, under my Facebook post for her business.

I refreshed the post, scrolled to the comments. Nothing.

I knew the comment must be the start of a Facebook phishing scam because of the nonsensical number and the generic “agent with headphones” visual in its handle.

I also had a hunch.

I asked Tracy to have her daughter browse my post from her Facebook profile. Then I asked my daughter to do the same. Neither could see the alleged warning comment on my post. Only Tracy could see the comment when she viewed it from Interior/Hillco’s business Facebook profile.

That’s when I knew what was happening. A scammer was using the tag of my client’s profile in my Facebook post as a vehicle to scam my client.

Consumer protection experts call it malicious tagging. It’s typically in the form of a scammer hacking someone’s Facebook account, then tagging one of your friends or associates in a fake, malicious comment or post. The scammer hopes your friend or associate will engage the tagged post and eventually give up their Facebook username and password or other personal information via a link.

I discovered that the comment Tracy saw is one of the most common attempts to deceive your Facebook friends, associates or clients into what’s essentially a data blackmail scam. “They want you to click on a link, and at that point, they are going to ask you to enter some personal information to verify that you are really the Facebook user that we think you are,” said Better Business Bureau of Charlotte, NC, President Tom Bartholomy in this article written by WCNC Charlotte. “That’s what they are after. They harvest your data.”

The difference here is my Facebook business profile never appeared to be hacked. The scammer was able to place the comment on my post and program it so that only my client’s professional Facebook profile could see it. It was ostensibly programmed to scare my client into thinking my post was misleading viewers about my client’s reputation — and to coerce Tracy Hill into giving up control of her company’s Facebook account.

Remember: the real Facebook will never send you an unsolicited message, email or comment that asks you to click on a link to provide personal information or your Facebook credentials. It simply will never do that. If you have truly violated the platform’s standards, it will either post a warning on your feed (without a request to click on anything) or ask you to edit or delete the objectionable content. If Facebook deems the content indecent or obscene, Facebook itself will destroy the content, often without warning or explanation.

Once I figured it out, I gave Tracy the skinny on what was going on. “I can’t say I was shocked,” she said. “People try to scam us all the time. I was upset and very concerned because of the attempted scam and the fact that Facebook can delete your page without explanation. We have worked hard to build our page. It is disheartening to see people trying to ruin what we have worked so hard to build.”

The Better Business Bureau of the Mid-South offered these tips to keep from falling for Facebook scams like this one:

  • DON’T PANIC. Always read suspicious emails carefully, looking for signs of a scam, before you act. Remember that scammers love to target social media accounts, so fake alerts aren’t uncommon.
  • VERIFY THE CLAIMS. Log into your Facebook account directly to verify there is a problem before deciding how to proceed.
  • ALWAYS LOG INTO YOUR ACCOUNT DIRECTLY. Even if you think an alert is authentic, use your social media app to log in or enter the URL in the browser bar by typing it directly, not by clicking on a link sent to you or by clicking on the alert itself. Never do that!
  • GUARD YOUR LOG-IN CREDENTIALS CAREFULLY. Never enter your login information on a third-party website or a page other than the official Facebook website. Never send your login information to someone via email or Facebook Messenger. If you entered your login credentials into a fake form, change your password immediately.

I asked Kyle Bort, information security officer for cybersecurity and IT support service TeamLogic IT Memphis, to review how the scammer was able to isolate the scam-bait comment so that only my client could see it, hiding it from everyone else. “This sounds likely that the attacker manipulated the comment or the user’s browser in a way to where the permissions dictated that only Tracy could see the comment,” Bort said. “This can commonly happen through a limited compromise of an account.

“There are many ways that we can reduce the risk of this. Some common ones include multi-factor authentication through authenticator apps and also having truly randomized passwords for all sites that you use. You can also do more technical things like forcing your browser to clear its cache each time you close it and ensuring that your browser stays up to date. You can also do things like ensuring that you always sign out of any apps you use. While the ‘stay signed in’ button is tempting, it’s often not recommended as it can leave information vulnerable.”

Tracy Hill never did engage the comment. A few days later, the comment disappeared. Tracy couldn’t see it anymore from her business page.

The scammer may have “meant business.” But good business, careful research and cybersecurity won the day.

This time…

Copyright 2023 Wise Choices™. All rights reserved.
