Facebook Messenger scams prey on our vulnerabilities
Scams through Facebook’s Messenger platform are being reported at higher rates than ever before, according to AARP, citing its own data as well as that of the government. Since Facebook’s early days, cybercriminals have been mining Facebook’s direct-messaging capabilities to scam unsuspecting victims out of money. One of the earliest Facebook Messenger scams involved a message, purportedly from a friend, claiming they were stuck in a foreign country and in desperate need of immediate financial assistance to get out. It wasn’t really the friend, however, but rather a scammer who had hacked into the friend’s account. (Here’s how to tell if your phone has been hacked.)
Imposter scams such as “the friend in a foreign country” have evolved and proliferated over the years. The common thread is the scammer either creates an account impersonating an actual Facebook account or hacks into an existing Facebook account. In either case, the scammer then uses the fake/hacked account to send private messages to the account holder’s friends that elicit either money or personal information. The messages vary, but all are designed to prey on our human vulnerabilities, including:
- the desire to be a “hero”
- the desire to appear “generous”
- the desire to win “free money”
- the desire to be loved and admired
- the desire to avoid shame or punishment
If a scammer tries to message you, report them, Facebook advises, but that begs the larger question of how does one recognize a Facebook Messenger scam?
Current Facebook Messenger scams
According to Facebook and our cybersecurity experts, here are the most common Facebook Messenger scams today:
- Romance scams. Preying on our desire to be loved and admired, romance scammers appear as attractive strangers with sad stories and a desire to love and be loved. The most effective romance scammers will friend a number of mutual friends before reaching out to any of them, in an attempt to make themselves seem less like strangers and more like people in the same social network. Many use photos they’ve stolen off the Internet and many pose as members of the military or as doctors, in an attempt to inspire trust, admiration, and even authority. What they all have in common is they can’t meet you just yet because they’re somewhere far away, and although it may take a bit of time, even as much as several weeks, they will eventually ask you to send money so that they can come to see you.
- Lottery scams. Preying on our desire for “free money,” lottery scammers appear as friends or organizations who are thrilled to tell you you’ve won money in some lottery or contest. The common thread? It’s a contest you have no recollection of having entered and to get the prize, you’ll have to either pay a fee or “refundable” advance or provide personal information such as your social insurance number.
- Inheritance scams. Also preying on our desire for free money, inheritance scammers claim to be lawyers or others who represent someone who has died and supposedly left you their estate or some portion of it—but first, you’ll have to fork over some money or personal information.
- Loan scams. Another variation on the “free money” theme is the loan scam, whereby the scammer promises low-interest loans with no money down—except for a “refundable” application fee. Facebook points out that loan scammers may send messages via Messenger and also leave posts and comments on Pages and in Groups to legitimize themselves. However, legitimate lenders wouldn’t offer loans via Facebook Messenger, nor would they ask you for money to proceed with a loan application.
- Donation scams. Facebook specifically warns users to watch out for “famous people” or people claiming to represent a charity hitting them up for a donation. Donation scams, which are easy money for a scammer because they are a direct request for payment, prey on our desire to be perceived, or to perceive ourselves, as generous.
- “Hey, is this you?” scams. Consumer Affairs warns of this “phishing scam” that uses the threat of shame to goad you into giving up personal information. The scammer hacks into one of your Facebook friend’s Messenger accounts and sends you a video, asking if it’s really you in the video, and implying there’s something in the video that could embarrass you. If you ever get a message like this, Consumer Affairs urges you to ignore and delete it to avoid giving away personal information or introducing a virus onto your computer.
Learn the secrets of people who never get hacked.
Red flags to watch out for
Unfortunately, Facebook Messenger scams evolve rapidly (as soon as we suss them out, there are several more to replace them). So, it’s a good idea to be aware of these warning signs that we culled from our experts:
- Someone is asking you for money. While Facebook warns specifically against strangers asking for money, Rachel Wilson, investigative coordinator for The Smith Investigation Agency, points out to Reader’s Digest that any time anyone asks you for money over Messenger, it’s immediately suspect. “If friends or family ask you to help them in an emergency, always call to speak with them personally to confirm that the message originated with them.”
- Someone is getting a little too personal. When someone sends you a message requesting personal information, especially identification numbers and financial information, it should be considered suspicious, advises Sean Messier, credit industry analyst for Credit Card Insider. Messier suggests not revealing any such information until you’re certain the message-sender is who they claim to be, but it’s probably also a good idea to never reveal any such information over Messenger at all.
- Someone is offering something for free. You know how they say there’s no such thing as a free lunch? Well, there’s no such thing as free money on Facebook, points out Robert Siciliano, security expert for Porch. This is true for any kind of “free money” Messenger message, including those involving lotteries, loans, contest winnings, inheritances, lost bank accounts, and reimbursements of money owed.
- Someone who wants to take the conversation off Facebook (to text or email, etc.). Facebook warns against taking conversations off Facebook unless you’re absolutely certain, beyond a shadow of a doubt, the message sender is who they say they are.
- Messages that seem out of character for the sender. If a message seems “out of the norm” for the sender, trust your instincts and ignore it. This is doubly true if the message includes an attachment. Be very wary of opening attachments in general, and particularly if something seems “off” about the message or the sender.
- Messages rife with spelling and grammatical errors. Facebook points out that when a message is filled with typos and grammatical errors, you should have your guard up. A single typo is one thing, but things like the misspelling of names and places are a big red flag.
- Messages from new accounts with few friends. Roger Thompson, CEO of Thompson Cybersecurity Labs, points out that new accounts with few friends should always be considered suspicious until confirmed otherwise. Friend requests from such accounts and from duplicate friend accounts should be considered suspect as well.
To avoid getting hacked (and used by a cybercriminal in an imposter scam), Wilson recommends updating your social media passwords regularly and always use two-factor authentication. (Make sure you avoid these common password mistakes.) She also notes that with Facebook use increasing among seniors, it would be a good deed to speak to older family members about Messenger scams and how to avoid them.
Now that you’re familiar with these common Facebook Messenger scams, find out why you need to stop commenting on viral Facebook memes.