What is Facebook Job Scam?

Facebook fake job scam is a new trick in the vast toolkit of scammers who operate in this social media. Its essence is to trick users with offers of remote-home positions but ultimately steal their data and banking credentials. Researchers have warned of “ongoing attacks against multiple brands” that use Facebook ads to trick victims. The scams go so far as to send what appear to be legitimate work contracts to victims. However, instead of the promised work, victims receive stolen information and, in some cases, money.

In general, such scams have always existed in one form or another. We could create a whole section if we collected all the Facebook scams documented in our blog. However, this fraud has more mass scale and negative consequences. Even in the most innocuous outcome, the victim provides the scammers with confidential information, namely photos of documents. In the worst case, the victim is taken for the full ride – compromised accounts, infected devices, and stolen money.

How Do Facebook Job Scams Work?

The scammers advertise fake job openings in Facebook group chats, encouraging victims to private message them. The scammers then pose as Qualys recruiters offering work-at-home jobs. These job scam texts often occur in group chats, soliciting users to message the scammer who posts the job opening privately. Work-at-home jobs have always been a fishbowl for scammers, mainly because of the pandemic. As more people lose or quit their jobs, scammers exploit the situation by targeting job seekers. They know some people are desperate to make money and use this to lure in new professionals not used to working from home.

Once the scammers have established a connection with the victim, they ask the victim to install a third-party messenger, Go Chat or Signal, to continue communicating there. Next, the scammers ask for additional information so that the victim can sign an “official contract”. Since this contract contains Qualys logos, correct corporate addresses, and signature lines, it seems convincing. Next, the scammers ask the victim to send a copy of a state-issued ID of all sides. Finally, crooks ask the victim to cash a check for the software purchase for a new computer that will supposedly be delivered to them by their new employer.

Qualys Response

The company confirmed the increasing attacks on popular brands offering remote work. “In several cases, the scammer appears to have compromised legitimate Facebook users and then targeted their direct connections.” – they said. It stated that it does not publish vacancies on social media. Qualys also clarified that it publishes job postings exclusively on its official website and other reputable job sites. The company also gave some advice for those looking for jobs online.

Job scams are indeed a constant online security issue, one that’s currently on the rise, according to the US Better Business Bureau (BBB). Online ads and phishing campaigns are popular conduits for job scammers. They use social engineering to bait people into responding and steal their data, online credentials, or money. Without an appropriate response from companies, scams can also have a negative reputational impact on those whose brands are used in the scam.

Safety Recommendations

To avoid becoming a victim of such scams, you need to be able to recognize it at the initial stage. I have gathered the most valuable recommendations both from the company itself and from personal experience:

• Look for vacancies in special sections on official company websites. To avoid potential scams, verifying job offers by contacting the company directly via their official website instead of social media channels is essential.
• Don’t fall for tempting offers. Suppose someone offers you suspiciously favorable conditions or a salary above the market. In that case, it is a good reason to think twice. Adopt the mindset: If it’s too good to be true, it probably is.
• Never install anything at the request of strangers. You don’t need to download an app to apply for any job. Genuine recruiters will contact you through phone or email or arrange a multimedia interview at their own expense. They have the necessary tools, so you don’t need to worry.
• Don’t pay in advance. Let’s take a closer look at this point. Self-respecting organizations will not charge you a fee to hire you. Often, after the first interview, if the employer is interested in you, they will contact you again for a more detailed talk. They may also offer an internship or a trial period. But no one will take money from you for “installing software” or stuff – those expenses are always accounted for in the cost of a hire operation. On the other hand, scammers often ask for upfront payment for equipment/software/training/etc as a prerequisite. This is a definite sign of a scam. Never accept a check and cash it digitally from an unknown virtual or digital source. Always go to the bank and treat any such check with high suspicion.

If you suspect you are talking to a scammer, sever all communication immediately. Trusting your instincts and not engaging with the scammer any further is essential. At the same time, keeping a record of all previous interactions, including emails, messages, and phone numbers, is crucial. This documentation could be handy in potential investigations or to alert others about the scam. Next, change passwords and monitor bank accounts for unusual activity to protect your personal and financial data. Finally, report the scam to relevant authorities and alert your personal/professional network to prevent similar incidents.

The post What are Facebook Job Scams and How to Avoid Them? appeared first on Gridinsoft Blog.

What is the Top Maine Lobster Scam?

Top Maine Lobster scam is a new fraud scheme that targets seafood enthusiasts’ fondness, specifically Maine lobsters, as it comes from its name. They have been airing deceptive advertisements on Facebook, promising heavy bargains on frozen Maine lobsters and colossal Alaskan king crab legs. However, this is a trap, leading unsuspecting victims to a fraudulent online shop called Topmainelobster[.]com. According to the reaction on social media, numerous individuals have fallen victim to this scam. They share their stories on Facebook about placing orders and never receiving the promised products.

In addition, the investigation has revealed that at least two Facebook pages are using the name “Top Maine lobster,” and both are scams. Both pages have NO posts, but they share the same profile picture. The transparency of these pages says the pages are very young, lacking the historical data and credibility expected from legitimate businesses. Thus, the scammers behind this operation attempt to deceive and confuse potential victims with multiple iterations of their fraudulent pages.

Methods of Propagation

Scammers have been actively running ads on Facebook, luring potential customers with what appear to be unbeatable deals on frozen sea products. They claim to sell Maine lobsters and Giant Alaskan king crab legs for a meager price. The fan page, “Top Maine Lobster,” mentioned above, is the centerpiece of this scam. If something seems too good to be true, it is.

The latest trend shows a massive flooding of Meta Inc. social media sites with fraudulent ads. Although this problem has been present for a very long time, and Meta Inc. claims that it is fighting this problem, we see the opposite result. For example, Instagram is overflowing with ads for sites that sell useful products at 30-70% discounts. In most cases, these are the lowest-quality copies from Aliexpress/Taobao/TEMU. However, there have also been cases when the victim received a box with garbage inside. The ability to advertise products on social networks was initially conceived as an opportunity for young, little-known artisans to promote their products. But now, it has become a noun that, by default, is associated with scams.

Why Is Top Maine Lobster a Scam?

According to ScamAdviser, an anti-scam website, Topmainelobster[.]com has a Trustscore rating of just 1 out of 100. Such a miserable rating is a clear indicator of the website’s fraudulent nature. It signifies a lack of trustworthiness, suggesting that customers should steer clear of this online platform to avoid becoming victims of this lobster scam. Further examination reveals that the website was registered on October 25, 2023.

This newfound status raises suspicions, as legitimate and trustworthy online businesses tend to have a more extended history and established online presence. The age of this website aligns with the behavior of many fraudulent online platforms. These one-day sites often appear suddenly and vanish just as swiftly, leaving customers without their purchases or refunds.

How to avoid shopping scams?

Unfortunately, this is not an isolated case of such a scam but rather a trend. The only thing that distinguishes this fraud from others is its scale. We recommend that you thoroughly research a website before you buy anything from it. You can do your research, read independent reviews, and check the rating of the site using special services. You can also use our link scanner. This will allow you to find out some information about the site that will help you decide whether you should buy from it or not. As for Topmainelobster[.]com, this is not the first such scam, and it won’t be the last. However, knowing the signs of a scam will help you recognize it. Forewarned is forearmed.

The post Top Maine Lobster Scam on Facebook appeared first on Gridinsoft Blog.

AI Scam in Facebook Ads

The use of social media for cybercrime, in general, is nothing new. However, to maintain effectiveness, sometimes fraudsters have to adjust their tactics and adapt to current trends. Another “innovation” from cybercriminals was discovered by CheckPoint Research (CPR) experts. According to their report, fraudsters are using Facebook as a platform for their dirty deeds. Since the hottest topics are AI-related, scammers are using them as bait. Such pages often contain mentions of ChatGPT, Google Bard, or Midjourney. For the best effect, scammers heavily embellish their “services”. For example, some pages have names like Bard New, Bard Chat, and G-Bard AI, and some are not shy to name themselves GPT-5.

Obviously, many people fall for it. The main reason is that real services are unavailable in some countries, so many people can’t distinguish fakes from real ones. Moreover, the abundant number of discussions, comments, and likes make users believe in the genuinity of these posts. However, in the end, naive users are tricked into downloading and installing malware. In turn, this malware steals valuable information from the victim’s computer. This includes online passwords (banking, social networks, games, etc.), crypto wallets, and any information stored in the browser.

How does it happen?

I already mentioned that hackers create Facebook groups on AI-related topics. To look legitimate and attractive, they fill it with different content – mostly legit at this point. Next, users and algorithms come into play. As unsuspecting folks comment and like the content, Facebook promotes it into recommendations and user feeds. As a result of this manipulation, fraudulent pages can have more than two million followers, which is also compelling. Though all these pages have one thing in common – they all link to a site that offers “additional functionality”. Some links promote an application, some – a password-protected archive under the guise of necessary files for the engine, or have just one button, “Get started”. However, each option will bring malware to your PC instead of the promised one.

Fake AI Groups on Facebook Spread Infostealers

Info stealers are the primary infection that spreads through this scheme. These malicious programs aim to collect sensitive and personal data from infected devices. They scan the infected system for valuable information such as logins, passwords, bank card details, social accounts, and other sensitive information. Next, the info stealer starts secretly collecting data and transmits it to the attackers over the internet. Crooks use the data collected by info stealers for financial scams, identity theft, blackmail, or selling on the dark web.

Security Recommendations

Unfortunately, genuine artificial intelligence services cannot always influence fraudulent schemes. Therefore, it is essential that users educate themselves, recognize the risks, and remain vigilant against such schemes. Since phishing is the basis of such cyber attacks, the attackers’ main goal is to convince the victim that they are legitimate. Here are some of the ways to detect a phishing attack:

• Download software from trusted sources. Since Facebook groups are not trusted sources (even if they appear to be), we do not recommend downloading software for your computer from it. Instead, we recommend using the app or the company’s official website.
• Ignore Display Names. You should avoid falling victim to phishing scams and focus on verifying the sender’s email or web address. Phishing sites and emails can manipulate display names to appear legitimate, but checking the source is the best way to ensure authenticity and trustworthiness.
• Verify the Domain. It is common for crooks to utilize domains with slight misspellings or those that appear to be credible. It is essential to be cautious of these misspellings as they can be a sign of phishing attempts.
• Use anti-virus software. In addition to the above recommendations, having additional protection is a good idea. Even if you miss a link, an anti-malware solution will neutralize the threat before deployment.

The post Fake Ads on Facebook Promote Scam AI Services appeared first on Gridinsoft Blog.

What is Ducktail Malware?

Ducktail is malware built on .NET Core that predominantly targets individuals and employees who may have access to a Facebook Business account. The Ducktail campaign is believed to have been active since 2018. However, the author became actively involved in developing and distributing malware related to the DUCKTAIL operation in the second half of 2021. The chain of evidence suggests that the attacker’s motives are driven by financial considerations and that the cybercriminal behind the campaign hails from Vietnam.

As mentioned at the outset, the primary targets of this stealer were individuals who hold senior positions in clothing, footwear, and cosmetics companies, as well as employees involved in digital marketing, digital media, and human resources. However, the author is believed to have recently updated the malware, expanding its capabilities. The new version of Ducktail is written in PHP. Now it targets users with any level of access to Facebook Business accounts.

How does it work?

The Ducktail malware is specifically designed to extract browser cookies and use social media sessions. In this way, the attacker obtains sensitive information from the victim’s social media accounts and over Social Media Business accounts respectively. The scammers then use the access to place advertisements for financial gain. We will now look at this process in more detail.

Delivery

To infect a target device, attackers use time-tested social engineering. I have repeatedly mentioned that the weakest link in any defense is the human factor, so this tactic will always be relevant. First, scammers place a malicious file on popular cloud storage. They typically use Google Drive, OneDrive, Mega, MediaFire, Discord, Trello, iCloud, and Dropbox. Next, they trick the victim into downloading and opening the malicious file. To do this, hackers contact the victim via social networks, and send a link to the archive. To make it look more legitimate, they pick a name like “Project Information And Salary Details At AVALON ORGANICS.zip”. Consequently, no suspicion is raised by the victim.

Inside the archive, there may be some thematic images (e.g., images of cosmetics, if it is a cosmetics company) and PDF or PDF document files. In reality, however, these are executable files disguised as documents, as can be seen by checking the file extension. These files are actual payloads – .NET assemblies that carry both executable sections and DLLs in it.

Info Stealing

Once launched, Ducktail scans web browsers, mainly Google Chrome, Mozilla Firefox, Microsoft Edge, and Brave Browser. The malware extracts all stored cookies as well as access tokens. It is also interested in information such as name, user ID, email address, and date of birth from the victim’s Facebook account. The malware scans registry data in HKLM\SOFTWARE\WOW6432Node\Clients\StartMenuInternet to get each installed browser’s name, path, and icon path.

Hacking process

Ducktail uses the victim’s social media session cookie and other security credentials obtained. This allows it to interact directly with other social media endpoints from the victim’s computer, extracting information from the victim’s social media account. In addition, the malware checks for two-factor authentication and, if positive, tries to obtain recovery codes. It can also steal access tokens, IP addresses, and user agents, data from commercial and advertising accounts connected to the victim’s personal account. This allows attackers to hijack these accounts and add their email addresses to gain admin and financial editor access.

While the former is self-explanatory, administrator rights give complete control over the Facebook Business account. Financial editor rights allow the change of credit card information and financial details of the business, such as transactions, bills, account charges, and payment methods. Because Ducktail accesses this information by sending requests from the victim’s computer, he impersonates a legitimate user and his session. This is achieved by masking its activity behind the victim’s IP address, cookie values, and system configuration. In addition to the data obtained, the malware attempts to get data from the Facebook Business page the following information:

• Payment initiated
• Payment required
• Verification Status
• Owner ad accounts
• Amount spent
• Currency details
• Account status
• Ads Payment cycle
• Funding source
• Payment method [ credit card, debit card, etc.]
• Paypal Payment method [email address]
• Owned pages.

Exfiltration

As C&C server, Ducktail uses Telegram messenger as a channel. Fraudsters use Telegram.Bot client library makes it easy to upload a file to a chat with a Telegram bot. Finally, the malware runs an infinite loop in the background, establishing a continuous exfiltration process.

How to protect yourself?

Ducktail is a narrowly targeted information thief that can have severe financial losses and identity theft. Its authors constantly make changes and improve delivery mechanisms and approaches to steal sensitive user information. However, the following tips can help you keep the chances of infection to a minimum:

• Only download applications from trusted sources. Please avoid URLs that may be used to spread malware, like Torrent or Warez.
• Use strong passwords and remember to update them regularly.
• Enable multi-factor authentication whenever possible.
• Use reliable antivirus and internet security software on all your devices, such as your PC, laptop, and workplace PC.
• Avoid opening links and email attachments unless you can verify their authenticity.
• Keep an eye on the network beacon to prevent data exfiltration by malware or TAs.
• Consider enabling Data Loss Prevention (DLP) solutions on your employees’ systems.

Ducktail IoCs

MD5:691ca596a4bc5f3e77494239fb614093
MD5:618072b66529c1a3d8826b2185048790
MD5:b4125e56a96e71086467f0938dd6a606

SHA1:20f53032749037caa91d4b15030c2f763e66c14e
SHA1:936139fc7f302e3895f6aea0052864a6cb130c59
SHA1:e692a626c6236332bd659abbd4b1479b860bf84a

SHA256:f024e7b619d3d6e5759e9375ad50798eb64d1d4601f22027f51289d32f6dc0ca
SHA256:2650e6160606af57bd0598c393042f60c65e453f91cde5ecc3d0040a4d91214d
SHA256:385600d3fa3b108249273ca5fe77ca4872dee7d26ce8b46fe955047f164888e7

The post Ducktail Infostealer Malware Targeting Facebook Business Accounts appeared first on Gridinsoft Blog.

Fake ChatGPT Plugin Spreads via Chrome Web Store

Chrome Web Store serves as a default place to get add-ons to your browser. This, however, creates a menace of flooding this service with malicious or just junky extensions. Filtering them out, as practice shows, is not an easy task. In some cases, malicious plugins manage to score 100,000+ downloads before being wiped from a store. Still, most of them are not immediately dangerous, as their functionality resembles adware or browser hijackers.

Fake ChatGPT plugin used the worst breaches present in Web Store, as well as in Google Ads. To promote the plugin, crooks who stand behind it purchased the sponsored advertising in Google Search results. It all ended up with victims seeing a link to install a malicious ChatGPT plugin on top of a search query. Being published in the Store on February 14, 2023, it started to bloom only a month later, after the mentioned advertising appeared. By March 22, Google managed to remove the plugin from the Web Store and toggle the advertisements down. However, over 2 million people already managed to install that malware – so it is a clue for understanding the scale of possible problems.

Malicious ChatGPT add-on hijacks Facebook accounts

Key thing that made this plugin so bad is the fact that it was aiming to hijack Facebook accounts. Even though it proceeds with giving your what it promised, the crime happens right after the plugin installation. That was done via collecting the cookies, which browser plugins have access to if the user gives corresponding permission. The exact plugin was offering “quick access to GPT chat”, thus it is not clear whether it may need user cookies. Still, that barely bothers people who want to get ChatGPT access in one click.

Cookies in web browsers act as a form of temporary info storage, which is needed for websites to remember the user’s choices, nickname, and other trivia details. Some websites store session tokens within cookies – and Facebook is among them. The risk here is that a third party can relatively easily parse these cookies and retrieve the session token. This, in turn, gives them full access to your account – and they will likely use it immediately. That is dictated by a usual session tokens expiration time – less than 24 hours. Seeing that your account sent numerous spam messages to your friends and posted scam offers or even extremist propaganda is at least embarrassing.

How to avoid malicious browser plugins?

It may be difficult to distinguish fraud at a glance, especially when Google promotes it to you. First and foremost, keep track of official announcements. If an organisation or company never claims to know about browser plugins or any other add-on, it will be a bad idea to trust the one you find online. Even seeing a huge number of downloads does not mean it is safe and legit – at least because the counter may be artificially boosted.

Controlling the permissions you give to add-ons is another possible remedy. Yet it also does not guarantee that the plugin will not misuse that privilege. For that reason, the best option is to use anti-malware software. A program that will detect malicious software by its behavior, regardless of its form, is an essential thing these days. Try out GridinSoft Anti-Malware – it works perfectly in protection against unusual threats, including browser plugins.

The post Malicious ChatGPT Add-On Hijack Facebook Accounts appeared first on Gridinsoft Blog.

Why Are Facebook Attacks Dangerous?

If the problem were negligible, it would have been written about less. Nevertheless, according to the U.S. Federal Trade Commission, more than 95,000 people have reported about $770 million in losses due to Facebook Fraud. Moreover, reports of people losing money due to Facebook attacks undertaken on social media have more than tripled in the last year.

Top Facebook Scams You Need To Know

The most common online fraud schemes are Facebook phishing emails, loan offers, profile cloning, fake live streams, dishonest pranks, and cryptocurrency scams. More things existed earlier, and even more may peek out in future. We will now break down the most popular points in more detail about Facebook fraud.

Facebook Email Scams

You get an email that looks like it came from Facebook, but it doesn’t. It may use the Facebook logo and look like the real thing. More often than not, the email prompts you to log in to your Facebook account to read an important message or protect your account. In some cases, scammers may threaten to make you act quickly and without hesitation. For example, they may write that all of your messages will be deleted (due to your inactivity on the platform) if you don’t log in.

The link they offer you to follow leads to a website copy, that aims at grabbing the credentials you type there. This is popular and dangerous examples of Facebook attacks. However, the link in the email is malicious. Suppose you click on it and enter your information. Then scammers can send messages to your friends, post content pretending to be you, or try to use your information to access your financial accounts.

Facebook Marketplace Scams

Since so many of us use the Facebook Marketplace to make sales and purchases, there is a chance of getting caught up in Facebook scams that affect how we trade and buy things online. These can be scammers asking for extra postage, people posing as legitimate businesses, or sellers selling authentic “celebrity-signed merchandise”. Unfortunately, such scam threatens financial losses and leakage of personal information, such as credentials or your bank card data.

Facebook Dating Scams

This is one of the oldest scams associated with scammers who pose as love interests. These fake romantics are people you’ve never heard of before. They pretend to have experienced a traumatic breakup or use flattery to woo you. This scam is designed to play on your emotions. However, it always ends the same way – in the end, they ask you to send money. If you give in to their pleas, you’ll end up without money.

Facebook Lottery Scam

Lottery scams are often carried out using accounts or pages impersonating someone a person might know in real life. Scammers can also pretend to be an organization, a government agency, or Facebook administration. The fraudulent messages claim that the recipients have been selected as one of three fake lottery winners. This Facebook email spam acts as a phishing scam. That is, the goal is to extract sensitive information. With the help of social engineering, scammers can repeatedly extort money from the victim. They will claim it is a “commission,” which cannot be deducted from the prize for some complicated legal reason. In addition to the financial cost, the victim may give their personal information to the scammers, leading to even more unpleasant consequences.

Facebook Messenger Scams

Whether it’s a friend or a stranger who sent you this message, you might panic when someone leaves you a message like “Oh my God, look what they’re saying about you” and click on the link to find out what’s going on. Again, it’s about letting your curiosity take over and making your inquisitive nature say, “I want to know.” But don’t click! A vague message makes you suspicious, and clicking on it can download malware onto your computer or phone. Links may lead to exploit sites that aim at tracking your location and, if possible, delivering malicious software.

Facebook Messenger Fake Messages From Friends

Please be skeptical if you receive a friend request from someone with whom you already have in your Facebook friends. Fraudsters clone the person’s entire Facebook profile, creating a fake one. From your “friend’s” page, the hacker may send a link to a get-rich-quick scheme or an excellent quote, which you would ignore from an anonymous email but not from a trusted friend. The consequences are similar to the previous case.

Facebook Marketplace Car Scams

This scam involves scammers trying to scam people who want to buy a car through the marketplace. The con is that the scammer puts the price of the car much lower than its actual value. The scammer also claims to have arranged a deal with eBay Services in advance, so the buyer sends the money, and the car is shipped in at least three days. Next, the buyer has five days to inspect the vehicle before “service” transferring money to the seller. However, after the money is sent, the seller disappears, and obviously, no car arrives for the victim.

Another kind of this scam means scammers list the same items at different prices from multiple fake Facebook accounts. Usually, their prices are much lower than comparable prices. This is done to entice the victim. But once the victim negotiates the price and pays them, the goods never arrive. Many of these accounts previously belonged to legitimate users who stopped using Facebook without realizing that someone else had access to their account or was hacked and sold on Darknet after the hack.

Facebook Ad Scams

Another tried-and-true tactic is to play on money savers. Hackers offer victims these bargains, for example, through fake apps promising deals. Unfortunately, the app is a Trojan horse. When users install it on their devices to get coupons or discounts, they only get malware.

Scammer List on Facebook

This list was probably created by victims who had suffered at the hands of these scammers. Most likely, it was supplemented in the process and consisted of scammers or dubious traders, or services

The post Facebook Fraud: Other Dangerous Facebook Scams (Part #2 by Gridinsoft) appeared first on Gridinsoft Blog.

A report from Hootsuite, a social media management platform, states that Facebook Marketplace has over one billion monthly active users worldwide. Additionally, the service reaches 562 million people through ads. One of the reasons this service has risen in popularity is that it doesn’t require any payments to list items for sale or take out newspaper ads. Instead, it connects buyers and sellers for free.

But like any other platform, there are various fraudulent frauds. This article will provide you with a guide to some types of scams on Facebook Marketplace.

Identifying Facebook Marketplace Scams

Facebook recognizes the possibility of fraud on its platform. However, how can you differentiate between a scammer on Facebook Marketplace?

It’s important to be aware of scams that can happen when buying or selling on the Marketplace, according to Facebook’s help section.

He warned people to avoid quick responses and immediate payments. He also recommended waiting at least 12 hours before replying to any offers. Most buyers will ask for additional information about the item for sale. They typically want to see the item in person before paying. Often, sellers may offer the product at too high a price, or they may arrange the offer urgently. Please don’t rush to make these decisions until you’re sure it’s a legitimate company.

Facebook Marketplace Scams

You can get scammed as both seller and buyer on Facebook Marketplace. Buyer fraud occurs when someone tries to buy or trade an item without paying. In seller fraud, someone offers something to sell but doesn’t deliver as promised. Potential Facebook Marketplace scams spotted by Facebook and security experts include these 9 tactics.

1. Send the Item Before Payment Is Received

A buyer can create a fake receipt claiming they’ve paid for merchandise and request the item be sent immediately. Alternatively, a buyer shouldn’t ask the seller to pay in advance.

Because Marketplace sells merchandise via a third party, it would be better to use an accepted payment method when buying items. This includes PayPal and Facebook Marketplace. If paying with PayPal, don’t state that you are paying the seller as a friend or family member. Doing this will invalidate your Paypal protection and might even cause them to lose their funds.

2. A Deal Too Good to Be True

Did you see a listing for the latest popular Nike shoes, for example, at 1/10 of the retail price? The shoes probably are counterfeit, if the goods will be shipped at least.

Ask to see multiple photos of the shoes, a live video, or even an original sales receipt before agreeing to buy. Again, pay with PayPal or another method that protects in case they are counterfeit.

3. Immediate Interest

The “Buyer” wants you to text to arrange for immediate pickup. They will attempt to get your phone number. At this point, scammers can quickly register a Google Voice number, triggering a verification code to be sent to your phone. Scammers will ask you to send a code to confirm you’re real.

What is this scam? I’m selling something on Facebook marketplace, and then this lady wants me to share a Google voice SMS validation. Is she trying to log into *my* Google voice number? pic.twitter.com/ik95KvqyeX

— Scott Hanselman (@shanselman) July 29, 2021

In fact, this code unlocks your Google Voice number for crooks, so then they will use it for more frauds. Since these numbers are trusted, other scams’ efficiency will gradually increase.

4. A Fake Rental Property

The advertised home may be exactly what you’re looking for, but don’t make a deposit until you or someone you trust has had a chance to look at the home to make sure it’s just as advertised – and available. Scammers advertise properties that aren’t even rented out, collect money, and disappear.

SCAM ALERT Victim contacted suspect via Facebook regarding apt rental..Victim met up with suspect &

Victim 1 gave $550
Victim 2 gave $1,100
Victim 3 gave $1,050
3 different victims, SAME SCAM! Protect yourself! pic.twitter.com/PXfh7Y1NHW

— NYPD 48th Precinct (@NYPD48Pct) January 29, 2018

5. Bait and Switch

This is a classic bait with a single product advertisement followed by a replacement. For example, you are interested in some product, but the seller says it is no longer available. Then it offers you a more expensive product that is available. Here you need not be afraid to refuse such an offer, as it is most likely a fraudulent scheme.

6. Overpayment

In this case, the buyer and seller agree on the price, for example, 30 dollars. But the scoundrel pays 50 and tells the seller that he accidentally overpaid and asks for $20 back. It’s not a problem until the bank catches up with you. Since the buyer pays 50 instead of 30, then asks the bank to cancel the entire transaction and tells you that he accidentally overpaid. So he gets $20 from you, receives a chargeback, and disappears with both.

7. Giveaways

Offers about getting something cheap in a giveaway are probably a phishing scheme. When you see the list of the latest discounts – it is ok. But when there is no discount but an offer to share your details by the link in the lot description – that should be a red flag. Such lots often lead you to a third-party site, which will ask for your details – the data needed to participate in that “giveaway”. As you can guess, those sites are no good, and you will receive nothing. Meanwhile, crooks will freely manage the data you’ve kindly provided for free.

Ensuring a Secure Facebook Marketplace Experience: A Guide to Reporting Scams

In the age of online transactions, ensuring the security of your transactions on platforms like Facebook Marketplace is crucial. You might find yourself wondering, “How can I trust the Marketplace on Facebook?” Given the prevalence of scams and fraudulent activities, it’s a valid concern.

Fortunately, Facebook has implemented measures to make it easy for users to report suspected fraud and maintain a safe online marketplace. If you’ve fallen victim to a scam, it’s essential to take immediate action. Facebook provides a straightforward process to report scams on the Facebook Marketplace, and doing so promptly can help protect both yourself and others in the community.

Steps to Report a Facebook Marketplace Scam:

1. Document the Details: Before reporting a scam, gather all relevant information. Take screenshots of the conversation, listing details, and any other evidence that can support your case. The more detailed your documentation, the better equipped Facebook will be to address the issue.
2. Visit the Reporting Page: Access the official reporting page dedicated to Marketplace scams. This page will guide you through the reporting process and provide specific options related to fraudulent activities.
3. Select the Relevant Category: Facebook offers various categories for reporting different types of issues. Choose the category that best describes the scam you encountered. This ensures that your report reaches the appropriate department for faster resolution.
4. Provide Detailed Information: Fill out the report form with accurate and detailed information. Be specific about the nature of the scam, the user involved, and any supporting evidence you have collected. Clear and concise information expedites the review process.
5. Submit the Report: Once you’ve completed the form, review the information to ensure its accuracy. Click the submit button to officially report the scam to Facebook. After submission, Facebook’s team will investigate the matter.

Contributing to a Safer Community:

It’s not just about protecting yourself; it’s also about safeguarding the entire Facebook Marketplace community. If you come across someone attempting to defraud others, consider it your responsibility to report them. By doing so, you contribute to a safer and more trustworthy online environment for both buyers and sellers.

Remember, vigilance and timely reporting are key components of a secure online experience. Stay informed, stay cautious, and actively participate in maintaining the integrity of the Facebook Marketplace.

By following these steps and encouraging others to do the same, we can collectively create a marketplace that thrives on trust and transparency.

The post 7 Facebook Marketplace Scams to Watch Out appeared first on Gridinsoft Blog.

“The Internet and the world cannot wait on platforms to do the right thing, especially when so much depends on it. This partnership seeks to lead the way in providing new and critical ways of illuminating the reality of the internet, led by the people who make it. This partnership comes at a time when the consequences of fragmented awareness have never been more stark,” Ted Han, Rally Product Lead at Mozilla shared with the public.

Mozilla Firefox collaborated with journalists to study the mechanisms of Facebook pixels` work

In 2021 Mozilla released Rally, a Firefox extension that performs a key function in studies and researchers initiated through and completed with collaboration of Mozilla. Before the Markup, browser maker had already collaborated with Princeton University’s Center for Information Technology Policy on information and disinformation concerning politics and COVID-19 throughout online services. And they still have ongoing collective work with the Stanford University Graduate School of Business on information intake and the effect of ads.

The Markup research this time also will use the records supplied through extension. Rally lets customers who, of course, want to do that to volunteer their very own surfing conduct records contributing in such manner to studies. Markup and Mozilla have intentions to unveil the scheme on how the Facebook pixel-powered ads community works and likely get solutions to the subsequent questions: How vast is Facebook’s monitoring community? What different methods does Facebook enable to trace people? What sort of records does the Facebook pixel collect? What can this records disclose about people? Which sites partake in collection of these records? Researchers under Facebook Pixel Hunt study add that company may gather information about you even if you don`t have an account. And everything is possible via the specific Facebook`s pixel network

Facebook won`t let you just come near it

Facebook is well-known for its stubbornness in opposition to any third parties’ projects to dig into the machine of its platform. It canceled, close down and blocked several tasks, amongst them: NYU’s AdObserver researchers’ accounts, CrowdTangle, ProPublica’s Ad Transparency tools. The company even changed its very own code to stave off the Markup’s investigation with Citizen Browser from amassing persons` records. The Facebook Pixel Hunt study will run on until July 13, 2022.

The Facebook pixel is a snippet of JavaScript code that masses a small library of features that advertisers can use to trace via Facebook ads-pushed visitor activity on their internet sites. The mechanism makes use of Facebook cookies, which lets in advertisers to connect internet site traffic to customers corresponding Facebook User accounts. In such a way they can rate clients behavior within the Facebook Ads Manager.

The post The Facebook Pixel Hunt appeared first on Gridinsoft Blog.

According to court documents, Solonchenko abused Facebook Messenger’s Contact Importer feature. Previously, this feature allowed users to sync their phone address books and see which contacts have a Facebook account (so users could connect with their friends through Facebook Messenger).

According to Facebook, from January 2018 to September 2019, Solonchenko used an automated tool to simulate Android devices and bombarded Facebook’s servers with millions of random phone numbers. Since the company’s servers in response reported for which phone numbers the account exists on the site, Solonchenko collected a huge array of data, which he put up for sale on the well-known hack forum RaidForums on December 1, 2020.

On the forum, Solonchenko used the pseudonym Solomame (later barak_obama), and sold the data of hundreds of millions of users of various companies.

Experts of the social network managed to connect Solonchenko with the user Solomame after he used the same nickname and left the same contacts for communication on several job search portals.

The social network is now asking a judge to sign an injunction prohibiting Solonchenko from accessing Facebook sites and other products and from further selling the scraped data. The social network is also seeking redress, although it is not yet clear what amounts are involved.

It is worth noting that in the spring of this year, another person put up for sale the data of 533 million Facebook users, also collected in a similar way. Back then, Facebook representatives said they had disabled the Contact Importer feature back in September 2019 when they discovered it was being abused by hackers.

The post Facebook sues Ukrainian who sold data of 178 million users of the social network appeared first on Gridinsoft Blog.

The failure was caused by a BGP routing issue. Currently, all services are already operating normally.

Amid problems with access, rumours of hacking and a colossal data leak began to spread across the network: the company was allegedly hacked and the information of 1.5 billion Facebook users was leaked to the network. This information turned out to be a lie.

Crash

On October 4, at about 6 pm Moscow time, Facebook, Instagram and WhatsApp went offline around the world. Apps didn’t work and browsers showed DNS error when trying to connect to sites. An attempt to connect directly to Facebook’s DNS servers also failed.

At first, it seemed that the problem was related to DNS, but later it turned out that everything is somewhat worse.

As experts including Giorgio Bonfiglio, head of Amazon AWS Technical Support, explained, Facebook’s routing prefixes suddenly disappeared from BGP routing tables, making it impossible to connect to any services hosted on those IP addresses.

As it turned out later, when social networks started working again, the experts were completely right. Facebook officials issued an official press release stating that the crash was caused by an error while changing the configuration of the backbone routers.

It also reported that configuration issues have impacted the company’s internal systems and tools, making it even more difficult to diagnose and recover. It is worth saying that yesterday, numerous anonymous sources in the media and social networks reported that Facebook employees were not able to quickly get into their own data centres and access critical equipment, since real chaos reigned in the company itself due to a failure.

For a better understanding of what happened, Bleeping Computer explained that BGP (Border Gateway Protocol) is the routing protocol on which the entire Internet operates, it allows devices on one side of the world to connect to devices on the other using routes (prefixes).

Because Facebook configured its entire organization to use a domain registrar and DNS servers hosted on their own routing prefix, when the prefixes were removed, no one could connect to those IP addresses and the services running on them.”Facebook developers have already apologized for what happened:

Interesting consequences

• Pavel Durov said that amid global shutdown of Facebook, Instagram and WhatsApp, Telegram’s audience increased by 70,000,000 people in one day. Durov greeted new users and promised that Telegram will not fail when others fail.
• According to Haystack analysts, during the five-hour outage, developer activity increased significantly: the number of pull requests increased by 32%.

Fake leak

During the global shutdown of Facebook and other services of the company, a real panic arose on the network. The fact is that many media outlets reported that the failure did not occur by accident, the company was allegedly hacked, and now the personal data of one and a half billion users of the social network are sold on the darknet.

A huge (about 600 TB) dump that actually appeared recently on the RAID forum, allegedly contains names, email addresses, phone numbers, IDs, gender and user locations.

The problem is that this dump went on sale at the end of September, and the data, apparently, was collected using scraping (that is, collecting and aggregating already open data). Such databases appear on the black market regularly. Moreover, as noted by Vice Motherboard, other members of the hack forum have already accused the seller of fraud.

Researchers at PrivacyAffairs report that while the seller is trying to deny these allegations and continues to claim that the data is genuine, but there is little faith in this, as many researchers and information security journalists note.

Let me remind you that I also said that Information of 533 million Facebook users leaked to the public.

The post Facebook explained reasons for the global failure appeared first on Gridinsoft Blog.