Scammers on Facebook are experts at appealing to the base human instinct to help others in dire need of assistance. There are many types of Facebook scams, but the disaster scam is without doubt one of the most audacious and diabolical. The cavalier manner in which some people can turn the misfortune of others into an opportunity to make a quick buck is mind boggling. This article examines some techniques scammers on Facebook use to fleece the unsuspecting public during times of disaster.

Soliciting Donations

This is the oldest way that emotional appeal scammers have traditionally monetized their criminal enterprise. The DNA of the scam involves pretending to be a real victim of a real disaster or posing as an organization helping victims of a real disaster. Once they reel you in, they request you to make a donation to help the “victim(s).” On Facebook, the post usually has a link to another website that has all the makings of a disaster assistance page including PayPal or Credit Card Donate buttons.

Click-baiting

Directly soliciting donations is sometimes too obvious, and a keen individual can sniff out the scam and report the matter to “Facebook police” before the crooks can make a decent return. To get around this, scammers have come up with new and innovative ways of making money from you without soliciting a donation. One of these methods is the click bait. Click-baiting is based on social engineering. On Facebook, it involves posting an eye-catching link that encourages you to click on it; I’m sure you have seen numerous posts doing this on Facebook. When Malaysian Flight MH370 disappeared over the Indian Ocean, links to videos purporting to show that the flight had been found in the Bermuda Triangle began circulating on Facebook. Never mind that this region is located in the western part of the North Atlantic ocean near Florida! Others claimed to have exclusive footage of found passengers. Upon clicking these links, a user would be taken to a third-party site with a pop-up urging them to update their media player in order to watch the video. Clicking the video player link did not install the video player but instead downloaded malware to the computer. Once malware is installed, remote hackers can then make money from you in a variety of ways. The malware could contain a keylogger which records all keystrokes on your bank and credit card login pages. They would then access your financial accounts and steal your funds or run up bills on your credit card. It could also be used to remotely turn your computer into a slave and carry out some illegal enterprise for the attacker. In addition to infecting your PC with malware, scammers can also create a page that contains pay-per-click (PPC) ads. The strategy in this case is to deliver a high number of page views via click-baiting and then make money on PPC revenue. To illustrate, let’s assume a scammer is able to deliver 10,000 page views daily via click-baiting. Assuming a modest cost per click of $0.50 and a click thru rate of 2.5%, the scammer could easily rake in $130 per day which works out to a tidy $3,900 every month. Scale up the page views and you are looking at a mega money-minting criminal enterprise. Another variation of click-baiting is the survey scam whereupon clicking the link, you are taken to a page where you are requested to complete a survey in order to watch the video. In fact, these videos do not exist, and if you proceed and complete the survey, you only end up spamming your Facebook friends and generating revenue for scammers via affiliate links.

“Like” Farming

The Facebook “Like” button is much sought after. It has grown to be a powerful vote of confidence and sign of approval. Facebook’s ranking algorithm actually assigns a higher value to pages with more likes. In “like” farming, scammers again use the emotional close to get you to like a page they have created. They will usually ride on the popularity wave of a recent disaster and create a page either purporting to support the victims or showing solidarity with the victims. Posts are expertly crafted to elicit an emotional response, for example, “this girl lost her entire family in the plane crash; like this post to show your support for the victims.” Other posts make ridiculously obvious statements and ask you to like the page to show your support: for example, “no child should go to sleep on an empty stomach, like if you agree“. So, how do they make money once you have fallen for the ploy and “liked” the page? Well, after the page has generated several thousand likes, they simply go the “Page Info” section and change the name and description of the webpage. They replace it with something else such as a product or service for sale (legal or otherwise). The page can also be sold on a black hat forum for a tidy sum.

How To Protect Yourself

Disaster scams always increase in the aftermath of a major disaster both online and offline. So, during such periods you should be extra cautious and suspicious of any links to videos or other content especially where the headline sounds “clickbaity.” Also, if after clicking the link you are not immediately shown the content but are asked to install something, share a post, complete a survey or anything else … close the page immediately. It is a fact that the best way to help people affected by a disaster overseas is to make a cash donation to a reputable humanitarian organization working in the disaster area. If in doubt about a website soliciting a donation, check out the following authoritative sites where you can a find a list of reputable humanitarian organizations: Also, rather than click on a donation link in a Facebook post, it is better to go directly to the organization’s website and make a donation from there. On a positive note, there appears to be some hope at the end of the tunnel. Facebook recently announced that they would start cracking down on click-bait headlines. Have you ever fallen victim to a Facebook disaster scam? Please share your insights with us in the comments below. Image credits: Don Hankins , aldeka via Flickr