Crooks targeting fans of social media stars and influencers by replying to comments

ByCraig Haley

Cyber-crooks continue to target Facebook users who follow certain Facebook pages by targeting their comments on posts. We take a look at another example of these scams in action.

We wrote only a short time ago about the surge in cases whereby scammers target Facebook users who make comments on the posts published by popular Facebook pages, such as businesses and fan pages. And even more recently than that, we wrote about how terrible Facebook is at removing these scams.

In the past, scammers have relied on setting up their own spoof Facebook pages and posting their own booby trapped Facebook posts in order to ensnare Facebook users. However we’re seeing increasing number of scammers turning to other [usually legitimate] Facebook pages to recruit potential victims.

Here we look at a specific example of these scammers in action. In this example we look at the Facebook page (below) belonging to The Inspired Unemployed, a comedy duo from Australia that – like so many social media stars – keep their fans entertained by posting amusing videos. The page, at the time of writing, boasts a follower count of almost 700,000.

As with many such pages, the posts they make receive plenty of shares, likes and comments. And as we’ve discussed before, it means their posts are an attractive watering hole for cyber-crooks. It is of course worth noting that this page, as with most other pages crooks target, are themselves legitimate and not involved with these scammers.


Sponsored Content. Continued below...




Step 1: The reply to the comment.

The scam is initiated when crooks post replies to the Facebook users who comment on these popular posts. An example of such a reply is below.

In this specific example, the scammer is impersonating the identity of one of the entertainers associated with the The Inspired Unemployed comedy duo. The reply urges the Facebook user who commented on a post to visit their Facebook profile to win a cash prize.

Step 2: The fake profile

The aim of step 1 is to lure the Facebook user away from the Facebook page on which they made their comment, and onto a fake Facebook profile under a scammer’s control. In the case of Step 1, the user is urged to click on a profile since they’ve been “selected as a winner” and by doing so, they’ll end up on a fake Facebook profile that is impersonating one of the entertainers associated with the Facebook page they commented on.

The top post on this profile (below) is asking the Facebook user to click a link in order to receive a code that they’ll need to confirm their prize.

And that in turn will lead to step 3.


Sponsored Content. Continued below...




Step 3: The subscription scam

This link leads to the end game of the scam, which in this case is a subscription scam. Those who click the link to “receive their code” are actually lured to any one of a network of scam websites that lure people into subscribing for useless online services that charge hefty monthly subscriptions (subscriptions that are hidden in the small print) that ultimately makes money for the scammers. See example of such a webpage below.

There is, of course, no cash prize really being given away. But Facebook users won’t realise that until it is too late.

This simple three-step scam is a good demonstration highlighting one of the scams that have been using legitimate Facebook posts to find and target other Facebook users.

The reality is that simply commenting on a public Facebook post – especially posts that receive lots of engagement – is now enough to put you in the crosshairs of scammers. And consequently it has never been so important to learn how to spot these scams so you don’t fall victim to them.

Remember…

  • Always be sceptical if someone you don’t know posts a reply to a comment you make on a Facebook post, especially if it claims you’ve won a prize and need to visit a profile or website to claim it.
  • If you’re told you need to give out your payment details or subscribe to online “offers” or complete surveys in order to receive a prize, you’re being scammed.

Keep up-to-date with all the latest cybersecurity threats and our tips to stay safe online. Follow us on Facebook, Instagram and Twitter.

Continued below...


Thanks for reading! But before you go… as part of our latest series of articles on how to earn a little extra cash using the Internet (without getting scammed) we have been looking into how you can earn gift vouchers (like Amazon vouchers) using reward-per-action websites such as SwagBucks. If you are interested we even have our own sign-up code to get you started. Want to learn more? We discuss it here. (Or you can just sign-up here and use code Nonsense70SB when registering.)

Become a Facebook Supporter. For 0.99p (~$1.30) a month you can become a Facebook fan, meaning you get an optional Supporter Badge when you comment on our Facebook posts, as well as discounts on our merchandise. You can subscribe here (cancel anytime.)