
Top social media scams: 9 Facebook scams to avoid

Shanna Hall

If you’re one of the 21.3m regular social media users in Australia, you’ll have no doubt come across some social media scams. While some are more obvious than others, social media is the perfect hunting ground for cybercriminals looking for prey. In 2022, Australians reported losing $80.2 million to social media scams, which was up 43% on the previous year. 

ASIC is onto it – it’s currently taking down 20 scam investment websites every day – but regardless, Facebook is littered with scams. 

In fact, 62% of Facebook users say they encounter scams on a weekly basis (that’s the highest of any social media channel) – so it’s wise to be armed with some idea of what to look out for before your next social media scroll. 

1. Facebook Marketplace scams

Facebook Marketplace scams are rife, and a common one revolves around the potential buyer not being able to come and view or pick up the item as they are overseas or away from home. They say a friend will collect, but they’ll send you the money first. So far, so good. They then ask if they can pay via PayID, which again is no cause for concern on its own. However, they’ll then send you a transaction message, which shows there was a problem crediting your account as you’re not a business user.

To upgrade to a business account, you need to deposit an additional sum of money. Of course, this money would go straight to the fraudster, rather than your account. PayID doesn’t have personal and business accounts – it’s simply a mechanism of associating your phone number, email address or ABN with a specific bank account to make it easier for people to pay you.

As well as PayID scams, watch out for ‘too good to be true’ deals (they are), ignore any requests to move conversations off Messenger, and if the buyer wants to receive payment in gift cards or via any ‘unusual’ payment platform, run.

Check out any potential buyer’s Facebook profile before responding. If they are genuine, they will usually be local and have a ‘full’ profile.

2. ‘Your account will be suspended’ messages

An increasingly common one on Facebook, especially for business users, is a message pretending to be from Facebook admins, letting you know your account will be suspended due to copyright infringement or similar, and to keep your account active you need to click a link. Rather than clicking the link, click on the profile of the sender to see that, while they may be using the Facebook logo, they certainly are not Facebook. Report and delete.

3. Fake friend requests

You will no doubt have received friend requests from people you don’t know. If you don’t know them, don’t accept. But what about requests from people you do know, and you thought you already had as a Facebook friend? This is happening increasingly, and should be reported. Criminals clone your friend’s details and create a new account, sending friend requests to their contacts. If you accept, not only are you giving them access to your personal information, but you’re also increasing the risk of clicking on links they send you.

4. Links about you!

Another tactic is a message from ‘a friend’ (a.k.a. a scammer who’s hacked your friend’s profile) sharing a link to a ‘video of you’. OMG! THIS IS YOU! HAVE YOU SEEN IT YET?! No, it’s not you, and no, you should never click on the link.

5. Discount shopping and coupon apps

We all love a bargain. Who doesn’t like to feel like we’re getting a good deal? But that desire shouldn’t outweigh good security habits. Hackers are increasingly promoting apps through Facebook ads that purport to give you fantastic discounts and coupons for all of your favourite brands. But in reality, the app you download will be malware – malicious software – that gives cybercriminals access to your phone.

Basically, if it feels like a good deal, take a step back. Often, it really is too good to be true.

6. Fake apps

A similar approach to the discount code apps, this one will offer benefits such as ‘we’ll notify you if someone unfriends you’ and ‘find out who’s been looking at your profile’. Generally, you’ll install it, and while it might give you some insights, you’ve also given it access to a lot of personal information.

7. Facebook quiz scams

Quizzes can be a lot of fun on Facebook – but think twice about the questions you’re being asked and the answers you’re giving. Because if those quizzes are asking for sensitive information – for example, your mother’s maiden name, the name of your first pet, or your favourite cooking ingredient – you might be handing over your own Facebook password recovery questions.

8. Celebrity endorsement scams

Cyber crooks have used a number of high-profile personalities to endorse phony investment opportunities – which, of course, are scams. David Koch is one who’s been famously vocal about the lack of action Facebook has taken after his image and name have been used to endorse such scams. Around 60% of scam losses involve fraudulent investments – so if a celebrity is endorsing something on Facebook, it’s probably best to scroll right on by.

9. Romance scams

Romance scams have been around on Facebook for years, and the premise is simple but effective. A romance scam involves a person you’ve never met engaging with you on Facebook – for example, in response to a comment you’ve made. They gain your trust and begin direct messaging you over weeks and months – this is definitely a long game. Eventually, after winning your trust, they’ll create some type of scenario that requires you to transfer them some money – it could be to buy a flight to see you, it could be to help their sick child. Bottom line: never send money to someone you’ve only ever met online.

Tips to stay safe when using Facebook

  • Secure your account with a strong password and two-factor authentication (2FA)
  • Make sure your backup contact details are up to date
  • Turn on log-in alerts to notify you of log-in activity
  • Use the Facebook Security Checkup
  • Don’t click on suspicious links in ads, direct messages, or updates friends share
  • Do not accept friend requests from people you’re already friends with – or people you don’t know
  • Review your session histories to ensure there’s no activity you don’t recognise.
