We’ve all seen a lot of emotional posts and images on Facebook — and it’s almost second nature for many people to “like” just about anything, whether to acknowledge you saw the post or just because you’re so used to it by now.
But before you “like” just any post, you need to be aware of how scammers are taking advantage of this involuntary impulse to click on Facebook.
Beware of ‘like farming’ scams on Facebook
Sadly, while some of these posts about children in need are real, most of them are fake — a scam called ‘like farming’ that crooks use to trick unsuspecting Facebook users into handing over info or becoming a victim of some other type of scam.
Scammers post images and stories that will grab users’ attention in order to entice them to like, comment and share. And as more people engage with the post, the more it will continue to pop up in users’ news feeds — which means more exposure for the scammers.
You may hesitate and wonder if the story is actually real, but since thousands of other people have commented or liked it, what harm could it really do if you simply just like the post or or page to see what it’s about?
Unfortunately, a lot.
How the scam works
Here’s how it typically works: scammers post something that appears to be totally harmless — or they create a fake Facebook page that appears totally harmless.
The post or page may be about anything — but it will always be something that grabs your attention.
For example, you may be scrolling through your news feed and and see a horrifying image that tells the story of a sick or injured child who needs help. The post has thousands of shares, likes and comments — and often and asks users for some type of donation.
The posts may request help in a few different ways. Here are some examples:
- “Every ‘like’ raises $1 for Emily’s treatment”
- “Share this image and Mark Zuckerberg will donate $5 to a children’s hospital”
- “Don’t scroll down without typing Amen.”
The crooks will then collect information from any users who interacted with the post or fake page in order to carry out some type of scam.
Read more: How to spot fake offers on Facebook
Even if the post doesn’t ask for you to provide any information or donation — maybe just a like — it could still come back to haunt you. Very often, once a post like this gains enough traction — a certain number of likes, shares and/or comments — the scammers will go back into the post and edit it to include something malicious.
In some cases, the scammers will spam users directly, requesting more info — related to the fake story or donation plea — or sell the user’s personal and contact information to other criminals.
Scammers use fake Facebook pages to do the same. Maybe you liked some random page about animals that a lot of people were suddenly interested in, then all of a sudden (even months later), the scammers will use the page to send out spam and scam posts — which may include phishing scams, malicious downloads or fake notifications that you’ve won a prize. And since you liked the page, all of the scammers’ posts will appear in your news feed.
Then all it takes is one post to trick you into entering your phone number or other personal data to claim your prize — or whatever the fake post is offering. Any of the various tactics used by the scammers may result in stolen credit card numbers, banking info and other sensitive data, according to the Better Business Bureau.
Variations of the scam
The goal is to grab your attention and get you to take some sort of action — whether it’s to like, share or comment on the post — by offering something in return. A few common ways scammers get you to engage include:
- Emotional posts asking for people to help a child or someone in need
- Offering a cash prize or something cool like a new smartphone if you share the post
- Offering coupons, free airline tickets or anything else that’s free or too good to be true
- Other emotional posts to show that you’re for or against a certain cause
Basically, the scammers are preying on people’s emotional vulnerabilities to trick them into taking action before even thinking about it — whether it’s using a fake horrifying picture of a sick child or by promising you something in return.
How to protect yourself from Facebook scams
If a post claims you will get something free in return for liking, clicking, sharing etc., it’s most likely a scam — regardless of how big or small the freebie is!
There are a couple of common goals that criminals have when carrying out any type of scam on Facebook:
- Malware: When you click the link in one of these scam posts, you could be directed to a site that automatically downloads some type of malware or virus onto your device — allowing the criminals to track your every move without you even realizing it. So when you go to log in to your bank account or other account that contains your personal information, they can track it, steal your credentials and then then wreak havoc on your financial life!
- Phishing: Phishing is a way for criminals to carry out identity theft by using fake websites, emails and robocalls to try and steal your personal information — including passwords, banking info, Social Security number and other sensitive data. When you click on a link in a fake offer, you may be prompted to enter your Facebook credentials to ‘redeem the offer.’ That is a big red flag that it’s a scam!
Read more: How to spot a fake coupon online
Red flags that an offer or company on Facebook is fake:
- The Facebook page has zero negative reviews or comments.
- If you can’t find a phone number or address for the company.
- Get rid of malware. Update or download legitimate security software and scan your computer. Delete anything it identifies as a problem. Here’s a list of free antivirus and malware protection options.
- Change any passwords that you gave out. If you use these passwords for other accounts, change those accounts, too.
- If you paid for bogus services with a credit card, call your credit card provider and ask to reverse the charges. Check your statements for any other charges you didn’t make, and ask to reverse those, too.
- If you believe that someone may have accessed your personal or financial information, visit the FTC’s identity theft website. You can minimize your risk of further damage and repair any problems already in place.
- File a complaint with the FTC at ftc.gov/complaint.
Tips to avoid similar scams
- Don’t click on any links in an email or text you weren’t expecting: Scammers often disguise malware attacks as emails that appear to be from a friend, helpful website or company you do business with. If you aren’t sure about it, delete the email and contact the friend or company directly. If you click on any link or attachment in an email you weren’t expecting, it could install malware on your device without you even realizing it until your bank account has been drained.
- Don’t click on any links in a Facebook post from a source you don’t recognize: If it’s an offer for something free but requires you to like, share, click or do anything else to redeem the free offer — don’t do it! It’s probably a scam.
- If you receive an email claiming to be from your bank or other company that has your personal information, don’t click on any of the links: Even if it looks official, it could still very easily be a scam. Instead, log in to your account separately to check for any new notices. You can also call the company about the information sent via email.
- Research unknown sites before going to them directly: When it comes to spotting potentially-dangerous websites, before you go to an unknown site, double-check the spelling of the web address/URL by first doing a search for it.
- Run anti-virus software: Frequently run anti-virus protection programs on your devices to check for any malware that could be hiding in the background. Here’s a list of free options.