Facebook users are being warned that hackers are stealing accounts and scamming people out of thousands of dollars as part of new scam schemes.
Cybercriminals are turning friendship into fraud by using stolen accounts to create fake item listings to steal money from their online “friends.”
In one case, a Texas woman named Erin Jackson realized her account was locked when she tried to log into her Facebook page and discovered that a hacker had already put items up for sale.
The post claimed that her father was moving into an assisted care facility and that she needed to sell the items quickly, but no such items existed.
Another person became a victim earlier this year when a hacker gained access to his account and falsely listed items such as tractors, four-wheelers and airline tickets for sale.
In each case, Facebook’s parent company Meta reportedly took days to fix the problem, giving hackers time to steal money from more unsuspecting users.
Reports of hackers taking over Facebook users’ accounts are on the rise, with an average of 68,000 users seeking help with a hacked Facebook account on Google in the last year alone.
Malvertising campaigns have also spiked on the platform as hackers use ads promoting games, adult content and other software to gain access to people’s accounts by stealing login details, browsing history and cookies.
Users are advised to take steps to protect their accounts, including setting up two-factor authentication, and avoid clicking on suspicious links or ads.
Facebook users have reported that hackers are taking over their accounts to promote malicious advertising and post fake items for sale.
Other similar scams include creating grief posts that ask people to donate money to tune into a livestream of a funeral that doesn’t exist.
Users say Meta, which has more than three billion Facebook users worldwide, has allegedly failed to take the crimes seriously and victims have accused the company of ignoring the reports.
A woman named Lesa Lowery said a hacker posed as her on Facebook for three days and stole thousands of dollars from her friends for goods she said didn’t exist.
“There was a multitude of really cool things: hot tubs, trucks, tractors and all those people texting,” Lowery said. CBC News.
“I felt helpless,” she said, adding, “I literally sat there and cried.”
Hackers are also using more advanced methods to trick people into believing the post is real, such as using the person’s real address or locating the exact section the victim would sit in at a hockey game.
The information is not difficult to find and is used to make the posts appear more realistic.
Jackson said the posts promised that if a person paid a deposit for their father’s belongings immediately, they would not discuss the issue with anyone else.
‘(The post) was very credible to my friends and even some of my family because my father is older and has had health problems. “It’s something that wouldn’t have surprised anyone,” he said.
When a friend asked where to pick up one of the items before making the deposit, she was given Jackson’s address.
Hackers are kicking users out of their own accounts and hijacking them to spread more malware
Hijacked accounts are a way for hackers to increase the number of people they can reach without needing to create their own Facebook accounts.
This includes the latest hacking software that first appeared last year called SYS01stealer.
The software, called SYS01stealer, has nearly 100 malicious domains that create targeted ads that entice users to click on them and reveal their personal information.
In an analysis of the software, cybersecurity company Trustwave said: “There is a possibility that not only your browser data could be stolen, but also your Facebook accounts to further spread malicious advertising and continue the cycle.”
Susan Balmer became another victim in April this year when a hacker used her account to sell fake Taylor Swift concert tickets.
He claimed he reported fraudulent activity on Facebook’s website and reportedly wrote to the company several times, but the page was not removed until Sen. Dan McConchie (R-Ill.) saw a report of Balmer’s story. in NBC5.
“I was able to reach someone here in the state that I knew who worked with Meta, Facebook’s parent company,” McConchie told the outlet.
Within days of their involvement and two months after the entries were listed, Meta finally deactivated the hacked page.
In March, a coalition of 41 state attorneys general said Meta had abandoned victims and sent a letter demanding the company take “immediate action” to protect user accounts that have been stolen.
They argued that the “dramatic and persistent increase” in complaints and lack of response from Meta had caused a “substantial drain” on government resources because they are linked to financial crimes.
“We have received a number of complaints of threat actors fraudulently charging thousands of dollars to stored credit cards,” said the letter to Meta’s chief legal officer, Jennifer Newstead.
“In addition, we have received reports of threat actors purchasing ads to serve on Meta,” he continued.
‘We refuse to act as customer service representatives for your company. Adequate investment in response and mitigation is mandatory.”
A Meta spokesperson responded to the letter, saying CABLING that ‘fraudsters use all available platforms and constantly adapt to evade law enforcement. “We invest heavily in our trained monitoring and review teams and have specialized detection tools to identify compromised accounts and other fraudulent activity.”
The spokesperson did not address the company’s lack of response to users’ hacked accounts, instead saying: “We regularly share tips and tools people can use to protect themselves, provide a means to report potential breaches, work with authorities and take legal action.
D ailyMail.com has contacted Meta for comment.