Skip to Content
Security & privacy

Alert! Scammers have a new sinister trick to steal from you

Even though Facebook is having a terrible year when it comes to public relations, people can’t seem to stay away. I’m sure that you remember the Facebook/Cambridge Analytica fiasco that made headlines a few months ago. Many people freaked out at the loss of privacy over that incident.

However, it wasn’t enough to scare people off social media. There are still more than 2 billion active monthly users on Facebook.

The massive number of users is what draws cybercriminals like bugs to a swamp. Think about it, it’s actually a numbers game, more users means more potential victims. That’s why you really need to pay attention to this scam making the rounds. Don’t forget to help out your family and friends by simply clicking the share button to post this article to Facebook.

Old scam with a new twist

One of the sneakiest tricks in the cybercriminal playbook is spoofing websites. That’s when a fraudster creates a site that’s intended to look exactly like a retailer’s site for the purpose of ripping people off.

Here’s how it works. Customers think they are on the official site of a retailer. Typically, they get to the spoofed site by typing in the wrong web address or clicking on a malicious link through a phishing email or online search result.

Once a customer is on what they think is the official site, they feel comfortable entering their credentials and payment information. Unfortunately, when you enter this sensitive information on a spoofed site you’re handing it directly to scammers. That’s when they can cause all kinds of havoc in your life such as stealing your identity, stealing money from bank accounts, racking up credit card debt, etc.

Now, this oldschool spoofing scam has taken a new twist. Scammers are now tricking victims by creating spoofed posts on social media sites, especially Facebook.

A recent example was what appeared to be an iPhone 8 giveaway. Posts spread across Facebook offering people the chance to win an iPhone 8 by liking and sharing the “iPhone 8 Official” page.

Image: Example of iPhone 8 giveaway scam. (Source: Facebook)

After liking and sharing the post, users were instructed to follow the post’s link and enter their credentials on the site. The problem is, this page was not created by Apple, it was made up by a fraudster.

These types of scams can end in multiple results and none of them are good. If you click on the link, instead of just handing over credentials you could be asked for credit/debit card info to supposedly verify who you are. The site could also infect your gadget with malware, or ransomware. Yikes!

Don’t be fooled by the spoof

The iPhone giveaway scam is just one example of a rash of spoofed social media posts. With so many threats out there it’s important to know how to win the battle versus fraudsters. Here are a few suggestions:

Be careful with links

Whenever you are instructed to click on a link that is supposed to take you to an official site, hover over the link with your cursor. You should see the actual address that the link will take you to in the bottom left corner of your screen. If you’re supposed to be going to Apple’s site, make sure the link is

Your best bet is to actually type the web address directly into your browser. You should never trust links from unknown sources!

Familiarize yourself with branding

Fraudsters are getting better at spoofing. For example, Apple Inc. has an official Facebook page but it doesn’t appear to do anything with it. There are other pages that appear to be the official Apple page, but they are not.

Here’s an example:

As you can see in the image above, the “Apple Inc.” page is listed as an unofficial page. I circled it in red for you. Watch for telltale signs like this so you know when you’re not actually dealing with an official site’s Facebook page.

Other social media sites have verification signs also. For example, on Twitter you will see a blue verified badge. This lets you know that an account of public interest is authentic.

When in doubt, don’t trust it

A good rule to live by is if it sounds too good to be true, it probably is. Don’t click on random posts from unfamiliar people or sites that claim to be giving away money or expensive gifts. You’ll see tons of Facebook posts claiming to be from lottery winners who want to share their jackpot. These are scams, don’t fall for it.

Don’t get me wrong, there are valid contests and giveaways out there. You just need to trust the source.

Stop robocalls once and for all

Robocalls are not only annoying, but they scam Americans out of millions every year. Learn Kim's tricks for stopping them for good in this handy guide.

Get the eBook