Operating an online publication means we lean heavily on social media to drive traffic to this website. While many of our readers come directly to Hypertext, searches for keywords and social media are the main drivers of traffic to this corner of the internet.
This is likely true for many publications and small businesses where platforms such as Facebook drive sales and discoverability of that business. Even businesses with a physical store still need an online presence with as many as 76 percent of consumers checking a company’s online presence before visiting them in person.
Being online then is incredibly important and cybercriminals want to leverage that. Enter the Facebook Page Deletion scam.
“Last Warning,” the message Hypertext received in March read.
“Need to confirm that this page belongs to you and is being used normally. Confirm here: [LINK TO A POST]. After 24 hours of not receiving a response, we will temporarily lock this page.
Meta Support ©2024 (Automatic notification _ Please contact now)”.
Oddly, we’d never received a first or indeed any warning at all preceding this message.
The message was sent from an account that has five friends and appears to have been created for the sole purpose of scamming Meta users.
Naturally, we ignored this but this is a common scam on Facebook even if the wording and methods used to execute the attack have changed over the years. In one version of this scam, a target was directed to a Facebook Note which in turn directed them to disclose information to a third party where they otherwise wouldn’t.
Had we clicked the link to the story we likely would’ve been prompted to click another in the Facebook Story we were linked to. While we can’t confirm this – as we never clicked the link – we suspect the link would’ve taken us to a page purporting to be Facebook but just captured our login information for use later or to sell on.
While we were lucky and spotted the nature of the message before we’d even opened it, we can see how some folks could be rocked by a similar message. The threat of what may be your only online presence being deleted is sure to get a person to take action.
In fact, not only are cybercriminals hoping you will click something you shouldn’t, but their phishing messages are crafted to elicit an emotional response. The hope is that a user will ignore the warning signs, click through and divulge information they ordinarily wouldn’t.
The wording and grammar in this message was also a dead giveaway but it may not be so obvious in future as large language models and generative artificial intelligence technologies find a place in the cybercrime landscape.
The biggest giveaway however, was that “Facebook” decided to use Messenger to alert us to the potential deletion. Meta would never do this as official communications are often either emailed or sent via a push notification. Meta would also never warn us that our page was at risk of being deleted because why would it? The social media firm has never warned users it takes action against and if it did start doing that, it would announce that decision.
Be careful out their folks, cybercriminals are constantly looking for ways into your communication platforms in hopes of perpetrating more scams on other users.
Unfortunately Meta won’t let us report this as a scam via its Business Suite so its likely that scams like this will continue, as they have for so many years.
