/ATPE/media/Assets/Facebook-Cybersecurity_Blog_v1.png?ext=.png /ATPE/media/Assets/Facebook-Cybersecurity_Blog_v1.png?ext=.png

Staying Safe from Facebook Scams

Association of Texas Professional Educators
Association of Texas Professional Educators

Date Posted: 7/14/2023

Online scams might not be new, but with the rise of chatbots and artificial intelligence, they are becoming harder and harder to identify. For the past year, a Facebook scam has been targeting businesses and pages of all types, and it is difficult to spot.

This scam uses a chatbot to mimic Facebook Support, and this chatbot uses the official Facebook Messenger. Here is how the scam works, according to Trustwave.

The victim will receive a fake email from Facebook support that looks genuine and usually calls for urgency, such as: “Your page is scheduled for deletion after violating Community Standards. If we don’t hear from you within 48 hours, the page in question will be automatically deleted.” The message also changes if that target in question is an account. There is usually then a link for the victim to “appeal” this possible deletion, and this is where the scam is most effective as it opens to messenger with a chatbot that pretends to be actual Facebook support.

Usually, this chatbot will be named something along the lines of “Page Support,” “Account Support,” or “Facebook Support”. The scam might appear to be a legitimate process because it is not opening to a random page but rather Facebook’s official messenger. However, if you are at this step in the scam, a surefire way to spot it is by clicking the page attached to the message to view the obviously fake Facebook page.

At this point, the scam gets even more elaborate. Once someone clicks the “Appeal Now” in the fake Facebook Support message, it takes them to a fake Facebook website that includes a case number for their account deletion. Next, the scam will collect personal information filled out through a series of forms that look like an official process, which begins with login email/phone number, name, and page name. Then, the scam requires the victim re-enter their password.

Two-factor authentication is aimed to prevent hacking, but scams have gotten wiser, and this scam requires you enter the 2FA code from the authenticator you use. To top off the believability of the scam, the final page you are moved to is the official Facebook support page once your “appeal” is submitted. This is aimed to hopefully keep the victim unaware that they have been scammed and hacked. To look at the full step-by-step at how this scam and similar scams are done, read the article posted by Trustwave—they also post the coding of the how the fake websites are made. Small businesses have been victims of these types of scams for years.

A scam of this sophistication, which includes coding of fake websites, chatbots, and being booted back to official Facebook for believability, can be hard to identify as a scam for those reacting to the urgency. There are, however, a few ways to make sure you are not scammed even by something as sophisticated as this.

The best way to protect yourself is not to click links in support emails, no matter how believable it may seem. These scam messages can sometimes elude spam filtering by your email provider, so it is best to go to Facebook Support directly. This way, Facebook can become aware of the email address sending this scam. Even though having an account or page be deleted may seem frightening, that is exactly what scammers are hoping for. So it is important to stop and go directly to support instead of clicking the link.

Still, scams happen to everyone, and it is important to not feel guilty or ashamed if you have been scammed. It is also important not to victim blame in any situation. Those that have been scammed are victims and likely feel horrible and violated. AARP released a report last year stating how important it is to stop victim blaming in these situations.

For more information on what to do if you believe you have been scammed or how to report scams to the FTC, read this article from the Federal Trade Commission.

RECOMMENDED FOR YOU