How con artists post phony articles on Facebook
I've been writing stories on celebrities, so I've been pretty busy lately.
I've conducted interviews with celebrities including Chris Tarrant, Jeremy Clarkson, and Zoe Ball.
These tales all have one thing in common: they're all about how the celebrities amassed enormous wealth from cryptocurrency investments they made online.
And if it all seems a little implausible, that's because I hadn't written or conducted a single one of the articles or interviews. And neither I nor any of the well-known individuals involved would consider advocating cryptocurrency investments of any type.
Rather, the fictitious articles were all AI-generated frauds that included my byline and a BBC template when they surfaced on Facebook news feeds.
The persons who are behind these fraudulent schemes hope that readers will click through to read the whole article and then be persuaded to participate in a fictitious investment program that is advertised on the website.
I reached out to Tony Gee, senior consultant at cybersecurity company Penn Test Partners, since I was wondering about how these fraudulent messages were up on Facebook in the first place.
He noted that one fraudulent page's URL, or web address, was probably a sponsored Facebook advertisement after looking at it.
According to Mr. Gee, he was able to determine this since Facebook adds a unique value to the URL in order to detect outbound hits.
I informed Facebook's parent company Meta of my discovery, and they responded, saying, "We don't allow fraudulent activity on our platforms, and we have removed the ads brought to our attention."
However, how can the con artists first install the phony advertisements on Facebook news feeds? How can they evade the automatic detection mechanisms on Facebook?
Computer expert Prof. Alan Woodward of the University of Surrey said the offenders seem to be utilizing programs that swiftly reroute viewers to another website.
Upon placing the advertisement on Facebook, the link leads to a secure website that doesn't attempt to defraud you of your money. However, as soon as Facebook approves this, the con artists implement a redirect that sends users right away to a website that is determined to defraud you out of your money.
"If you control a website then you'll find it relatively easy to include a redirect command, such that once someone's browser has had an opportunity to show them the original webpage, the internet browser is sent to an alternative one," Professor Woodward explains.
He continues by saying that scammers may rapidly and simply maintain altering the redirect's destination. "As soon as you are able to cover up the true nature of a URL, that is manna for scammers," according to him.
Online fraud known as "cloaking" is the process by which hostile advertisements manage to evade social media companies' review processes by disguising their true intentions.
According to Meta, it is enhancing its automatic detection systems with the knowledge it has gained from this method.
Retired from the military, Margaret (not her actual name) resides in Buckinghamshire. She just lost £250 after falling for a fraudulent advertisement on Instagram, which Meta also owns.
A fake ITV piece with presenter Robert Peston (or rather, a con artist posing as him) talking about an opportunity he found for investment had lured her to click on the link. Margaret made the investment because she believes in Mr. Peston and the ITV name.
Margaret sent in photos of her passport and both sides of her credit card in addition to paying the £250. She received phone calls right away.
"It was someone with an American accent welcoming myself and saying my money was already making money," she recounts to me.
Both the phone calls and the barrage of emails persisted. When they began questioning Margaret about her income, savings, and intention to increase her investments, she started to get skeptical.
"I contacted my bank as well as was refunded but it didn't stop the scammers."
Margaret continues to get calls on a regular basis, and recently, she began receiving calls from someone posing as the US National Security Agency, offering to assist her in looking into the fraud.
"My own mental health is being compromised and I believe I am at risk, in particular identity theft as well as indeed potential monetary theft," she states. "They are so mega persistent, yet are dangerous pests."
The UK consumer advocacy group Which? has been investigating this matter.
"Malicious advertisers may mask web links or impersonate established companies such as the BBC to evade online platforms' reporting systems, and people often fail to recognize they're looking at a scam or a deepfake untill it's too late," Rocio Concha, the organization's director of advocacy and
"Customers shouldn't have to defend themselves against this bogus stuff on the internet. Ofcom's mandate under the Late-Last-Year Online Safety Act is to utilize its authority to make sure that online platforms are confirming the integrity of their advertisements in order to stop con artists from deceiving customers."
Encountering fraud "is a priority" for Ofcom, the regulator said in a statement.
"The UK's new safety on the internet laws will be an important part of making it harder for fraudsters to operate," it said. "Online services must evaluate the risk that their users may suffer harm from illegal content on their platforms, including fraud, take appropriate action to safeguard their users, and remove illegal content when they find it or learn about it," according to the new legislation.
The managing director of Skadi, a financial research company, is Nicolas Corry. He claims that the volume of causal fraud taking place on Facebook and other social media platforms "troubled" him.
"These companies are making huge quantities of profits, and exposing people to fraud," he states. "And then it's the finance companies that pay for this, or the victims themselves."
According to Mr. Corry, social media companies must to scrutinize every advertisement and its hyperlinks more thoroughly before approving them to appear.
No comments:
Post a Comment