ESET experts gave warnings by informing users about the fraudulent ways on Facebook.
One of the main goals of cyber bugs is to seize personal information. They use this information for many error activities, from identity theft to selling data on darknet marketplaces. To achieve their purpose, cyber bugs impersonate Facebook and suggest that someone may have logged into your account, your password has been reset, or it’s valuable by sending a contact to log in to your account. However, this contact will take you directly to an invalid Facebook login page, where scammers gain access to your account by obtaining your credentials to access your account.
As a loan offer, the scammer shares posts promising to provide instant loans with low interest rates and says that it is enough to deposit a small price upfront to get this loan. Usually the text will be a story with words intended to instill faith by stating that the lender is a businessman who has lent money to many happy customers and has “proven” success in the past.
Cyber bug clones your entire social media profile into a template and tries to impersonate you. As another method, it clones the account of someone you know and tries to contact you by impersonating your friend or relative.
The aim of this is to get a price up front or to have you send money to save them by saying that they are in grief.
Another scam scenario is an image that, at first glance, often looks like a live broadcast of a game featuring a celebrity. To make the scam more believable, the image or part of the image of the celebrity is real. The actual image contains a previous live broadcast of the celebrity, but this image has been edited for the scammer’s purpose and contains various phrases that will convince the celebrity’s fans to fall for the scam, such as “The first one to answer will win XY.”
The scammer impersonates the celebrity by copying all of the celebrity’s official social media accounts and creates a fabricated account, but the celebrity’s name is written with a minor typo or with the addition of “TV” next to it. The scammer reaches out directly to the celebrity’s commenting fans and tries to persuade them to share sensitive information or send money from their account. To that end, he may share the theme of a malicious website.
Tactically, a page or an account is created and a race is held, often by impersonating a particular brand, celebrity, group, or anything else that might be of interest to the victim. Scammers ask users to like, comment on, register and share the competition with the aim of expanding the reach. Users think that if they fulfill the requirements, they participate in the competition to win first-class air tickets, concert tickets, works or interesting prizes. Potential victims are then contacted through a similar activity that requires them to share personal details, answer surveys, visit a malicious website, or share personal information. However, as seen in most cases, the victim does not gain anything. Rather, it shares sensitive information with scammers or fills out a survey so scammers make money.
These scams can take many forms, from using Elon Musk’s name to spread Bitcoin and Ethereum scams to hacking Twitter accounts. The target of these scams is one-on-one. They try to trick you into sharing sensitive information about yourself, payment information, or gaining access to your crypto wallet, transferring cryptocurrencies to the scammer’s account.
Usually a contact is sent for fraud. This contact directs you to a website that requires you to enter your personal information or, in some cases, access your cryptocurrency wallet.
Advertising can be seen as the first step in victim scamming. With these ads, the scammer persuades victims to click on the ad and directs them to invalid marketplaces that offer works with unrealistic discounts. These ads often contain valuable items such as Ray-Ban sunglasses or are frequently seen during seasonal events such as Cyber Monday. In any case, when you go to this marketplace and buy something in particular, you will meet with a terrible end.
Crowdfunding, grant or donation scams are another type of cyber error to deceive victims. In these types of scams, fraudsters exploit individuals’ sense of empathy and willingness to help those in distress by staging phony donation schemes or impersonating real schemes. Sometimes scammers try to cash out recent tragedies, such as natural disasters, accidents, or other tragic events that might entice people to donate.
Cyber bugs use companies and brands to take over Facebook pages as well as ordinary users. The scammers impersonate the Facebook Boost unit and send a message to the page owners stating that they violated the page’s content policy and that they have been accused of “Copyright Violation”. The message includes a contact where they can “officially” contact Facebook Boost and they state that the page owners should respond within 24-48 hours or their page/account will be suspended. However, this is a deception designed to capture the login information to the page. When you click on the contact in the message, you will be taken to a form that you have to fill out and then a mock-up of the Facebook login page.