Tech Made Simple

Hot Topics: How to Fix Bluetooth Pairing Problems | Complete Guide to Facebook Privacy | How to Block Spam Calls | REVIEW: RadMission 1 eBike

author photo

Facebook Ad Copyright Violation Scam Used for Phishing Attacks

by on August 02, 2021
in News, Computers and Software, Computer Safety & Support, Blog, Facebook, Privacy :: 0 comments

Techlicious editors independently review products. To help support our mission, we may earn affiliate commissions from links contained on this page.

Recently, I reported on how fake copyright complaints were being used to spread ransomware to businesses. One of our readers saw that article and alerted me to a similar scam. In his case, the email claimed his Facebook ads were violating copyright and his business page would be disabled or removed if he didn't file an appeal. The specific text of the email reads:

Hello,

Your recent ads have been reported for violation of Facebook ToS.

You have now (1) copyright strike, and we'll have to disable your ad account and take down your page.

To prevent that from happening, use the link below to submit an appeal: https://sites.google.com/view/facebook-form

This link expires in 24 hours.

Thanks,

Facebook Team

The link to the Facebook form (which has now been removed) brings you to this page with more "details" about Facebook's advertising policy, followed by a button to complete a form with your account details.

Fake Facebook appeal page showing text that reads Breaking the Advertising Policy. All advertisements and offer must practice trade policies. You may have broken some of the banned articles/rules on Facebook. Unsafe add-ons. Adult articles or services. Growth health articles. Hateful and degenerate language in communication, racism and offensive language. Non-physical items are prohibited on Facebook Marketplace, including but not limited to services, subscriptions, digital products or rentals. Below is a form which must be completed within 24 hours. If you do not complete the form your site will be suspended indefinitely. Followed by a button to continue.

There are a couple of clear warning signs that this isn't an official Facebook page; notably, the form being hosted on a sites.google.com URL (rather than directly by Facebook) and the general poor grammar of the page. But if you missed these clues and went ahead and completed the form, you just turned over your business's login credentials to these scammers.

Interestingly, the image used in the header of the fake Facebook appeal page is the same one used for a similar, though technically more sophisticated, Facebook phishing scam Sophos Security reported in October 2020. Whether this is the same group of scammers or another group trying to copy their methods is hard to know. It's also possible, though I haven't seen evidence of it yet, that this same social engineering method could be used to deliver malware, including ransomware, as I outlined in my prior ransomware article.

As we see with the Sophos example, scammers often will change up their methods and the language in their emails in an attempt to avoid spam filters. If you've received a similar message (on your site or via email), please post in the comments below so others will find it when doing a Google search and avoid the risk of having their Facebook accounts compromised.

[Image credit: Smartphone on keyboard via BigStock Photo, screenshots via Techlicious]

Josh Kirschner is the co-founder of Techlicious and has been covering consumer tech for more than a decade. Josh started his first company while still in college, a consumer electronics retailer focused on students. His writing has been featured in Today.com, NBC News and Time.



Discussion loading

Home | About | Meet the Team | Contact Us
Media Kit | Newsletter Sponsorships
Accessibility Statement
Terms of Use | Privacy & Cookie Policy

Techlicious participates in affiliate programs, including the Amazon Services LLC Associates Program, which provide a small commission from some, but not all, of the "click-thru to buy" links contained in our articles. These click-thru links are determined after the article has been written, based on price and product availability — the commissions do not impact our choice of recommended product, nor the price you pay. When you use these links, you help support our ongoing editorial mission to provide you with the best product recommendations.

© Techlicious LLC.