Recommended reading

No, those amazing deals on Facebook aren't real - it's a scam, and here's how to spot it

News
By published

Meta is home to thousands of scams

Scam alert
(Image credit: Shutterstock)
  • High-end and luxury products are being advertised with huge savings
  • 4,000+ fake domains impersonating big brands have been spotted
  • Victims are losing money without receiving their products

More than 4,000 fake domains impersonating popular brands have been spotted in a scheme pushing scam ads targeting Facebook users.

The campaign was uncovered by threat analysis from Silent Push, in a trend researchers are calling "GhostVendors," which sees scam ads for the false domains primarily run on Facebook Marketplace by exploding Meta's ad policy loopholes, with ads being removed from the Meta Ad Library upon campaign completion to prevent tracking efforts, helping attackers remain undercover.

Key to the fake ads are unrealistically low prices designed to lure victims into thinking they've found a bargain – for example, researchers spotted a Milwaukee Tool chest for $129.

Scam artists are luring shoppers via Facebook ads

The ads also instil a sense of urgency by using keywords like 'clearance', 'Holiday sale' or 'excess inventory', applying pressure on buyers to act promptly.

Links on the ads lead to scam sites that look like their genuine counterparts through Domain Generation Algorithms and template cloning, with redirection also applied to pull victims towards malicious sites.

Countless brands have been observed imitated across the more than 4,000 fake domains, including retailers (Amazon, Costco, Argos), footwear (Birkenstock, Crocs, Skechers) and gift sites (Bath & Body Works, Yankee Candle).

Being that there have been so many attacks, consequences can vary. Many victims have had their payment information stolen with no goods delivered, or have experienced financial fraud. Moreover, the threat appears to be on a global scale and is not restricted to a core country or region.

Silent Push says threat actors have demonstrated a deep understanding of Meta's ad systems, which have been criticized for not keeping a public archive of inactive scam ads and for not allowing holistic tracking without (prohibited) external scraping.

In the meantime, potential victims (including virtually all online shoppers) are being advised to warn ads that appear too good to be true.

Users can also verify the authenticity of deals by visiting websites directly. It's also recommended that online purchases are made with credit cards that come with additional protection, with direct bank transfers totally inadvisable.

You might also like

Craig Hale
Craig Hale

With several years’ experience freelancing in tech and automotive circles, Craig’s specific interests lie in technology that is designed to better our lives, including AI and ML, productivity aids, and smart fitness. He is also passionate about cars and the decarbonisation of personal transportation. As an avid bargain-hunter, you can be sure that any deal Craig finds is top value!

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.