- Hackers lie that ads from corporate profiles violate standards
- They steal the passwords when submitting a complaint in a link sent by them
A Facebook page for her beauty studio with 6,000 followers, $260 allegedly given to regain her corporate profile, and years invested in its development – Ralitsa Terzieva from Stara Zagora loses all this in minutes. She became the victim of a new fraud in the social network, which is used to take over not personal profiles, but corporate pages. For fraudsters, it doesn’t matter what the business is, the goal is the same – to extort money and post fake statuses from the stolen profiles.
Facebook pages are important for entrepreneurs, especially for small businesses – in it, salons like Ralitsa’s share their schedule, write when they have free hours, promotions, holidays. Restaurants publish their lunch menus, and clothing stores – when they have discounts. For many companies, this is the only contact with the public - they do not maintain their own websites.
There are also attempts at fraud in the media, which use social networks to promote their articles. “24 Chasa” also received an “invitation” on its profile to “save” its Facebook page.
The fraudulent scheme begins with a message that the page will be deleted for violations
It is sent by an alleged employee of “Meta” – the company behind Facebook. The reasons are different, but you are always asked to send a complaint to a submitted link. The goal is to take over your account, and a password is requested when entering the data.
10 cases of fraud per month with an average amount of about BGN 500.
Several variants of the message are circulating. There may be different reasons given for removing your page – for example, misleading ads or copyright infringement. The text explains that they will surely delete your corporate page, and the only recourse is to file a complaint at the specific link in the message.
It’s actually a phishing attack – the page is made to look the same as that of the appeals social network, but the address is different. When the mente site opened, it already described a different reason for blocking the account – multiple complaints filed by different people. The next step is for a person to describe why they do not agree and enter their name, their personal email, the name of their Facebook page, the email associated with it, and finally the password. If it does, it sends all the data to the hackers. And there was never a real threat to his Facebook page.
The scheme is applied both in Bulgarian and in English.
One of the messages sent has the following text (the original spelling is preserved – b.a.):
Account lockout message:
Type of violation: Violation of advertising rules.
Inappropriate ad content: Showing ads that contain misleading or inaccurate information.
Use of sensitive keywords: Ads that use sensitive keywords or do not meet the requirements of the platform’s advertising policies.
This is the last notification for your ad account. We require immediate compliance. Please verify your account to continue using the service.
Please process it immediately to avoid access restrictions. If you do not confirm this, we will be forced to lock your account without further warning.
thank you
Terms of Use ©2024 Inc.
© The defendant
Platforms, Inc., Attn: Community Support, 1 Way, Menlo Park, CA 94025, United States
According to social media experts, messages claiming there is a problem with ads should have the most emotional impact. The reason is that many local businesses pay to show up to people in their
Experts remind that if Facebook really has a problem with a page, it will send a notification, not a private message. They come on the bell icon (far right of the screen), not in private messages or in messenger when the chat is used from a phone.
In addition, the social network sends an email. The text explicitly states which page exactly committed the violation, explains what it is, and usually starts with smaller penalties rather than outright deleting a page.
In the case of Ralitsa Terzieva, the fraud was for copyright infringement. Terzieva lied and gave her data. When he took over both her personal profile and her work page, she created a new one. Then a stranger wrote to her newly created account. He explained that he saw the new profile and had contact with someone who could assist. Ralitsa contacted him and he asked for 260 dollars (466 BGN).The money had to be transferred by PayPal (system for electronic payments – b.a.). However, in the request for translation, Ralitsa was instructed to write that it was for a relative or friend. “Because of the many years of maintaining the page, the thousands of followers and the fact that it helps my business a lot, I decided to pay,” the young woman told “24 Chasa”.
After she transferred the money, the “specialist” asked for more. Then Terzieva refused to pay. Meanwhile, it turned out that her business page had already been blocked due to various violations. Usually these are either pornographic pictures or scams. However, she has no way of seeing what happened to them, as corporate accounts are currently invisible. In the meantime, she repeatedly used the legitimate form of Facebook to return her profiles, but nothing happened.
A similar case, but for now without blocking, there is a Facebook page for photography in a city near Sofia. She abruptly changed her name on Monday afternoon, now allegedly at a luxury hotel in Vietnam. Constantly posts statuses for a free vacation and enters a phone number and email to write to on WhatsApp. A check of “24 hours” showed that they have nothing to do with the real contact forms of the original hotel.
The purpose behind such schemes is for a person to write in and be told that in order to win the free prizes, they must enter their card details to make a reservation, people familiar with the scheme said. So he would pay a small amount, which would then be returned to the hotel reception. Of course, there is no such promotion and one loses money.
Other pages are renamed to “Profitable investments” for example. Links are then posted to sites that invite people to invest their funds for “huge” profits. The difference with the popular scheme of making a new Facebook page is that the hacked one actually has quite a following. And in order to hide the traces of the original orientation of the corporate profile, dozens of photos are immediately uploaded, so that a few scrolls do not reveal the fraud.
People from North African countries are believed to be behind the scam. The very mules who haul the money are part of other gangs. The sums pass through several people to lose track of the funds. And the grounds like Ralitsa Terzieva’s, in which it is written that it is for a relative, are used so that the masterminds of the scheme do not look for new people to teach them how to properly dispose of the funds.
Tly received a message regarding a supposed violation of advertising rules, prompting the owner to take action to avoid account restrictions. Fortunately, the owner recognized the signs of phishing and did not provide any personal information or payment.
Experts urge users to remain vigilant against such scams. If you receive a message claiming there is an issue with your Facebook page, it’s crucial to verify the source. Always check the official channels, such as notifications in the Facebook app or legitimate emails from the platform, rather than relying on private messages.
the rise in phishing attacks targeting social media users highlights the importance of educating yourself about online security practices. Never engage with unsolicited messages claiming your account is at risk, and always report suspicious activity to the social media platform.