•   
  •   
  •   

Technology Your hacked Facebook account may be bankrolling scam ad campaigns

15:35  04 november  2019
15:35  04 november  2019 Source:   cnet.com

How to check if you've been hacked

How to check if you've been hacked How to check if you've been hacked

Hackers are targeting ad accounts and using victims' money to promote scam posts. But Facebook didn't stop the campaign because it was pushed by hackers , Lau said. Some ad account owners affected by these hacks have found little help from Facebook and have complained that the tech

If you think your Facebook account was hacked or taken over by someone else, we Your account may have been hacked if you notice: Your email or password have changed. You may also want to learn how to protect yourself against malicious software that can potentially compromise your account .

As Henry Lau slept on Oct. 15, hackers quietly took control of the ads manager page for his Facebook account. By 6:15 a.m. PT, Facebook had approved a widespread advertising campaign with a budget of $10,000 per day to promote a 13-second video in the US, Mexico and Australia.

a close up of a bottle: Hackers are targeting ad accounts and using victims' money to promote scam posts. Angela Lang/CNET© Provided by CBS Interactive Inc. Hackers are targeting ad accounts and using victims' money to promote scam posts. Angela Lang/CNET

Lau, who hadn't taken out any Facebook ads in two years, had no idea his credit card racked up thousands of dollars in charges until he got an alert that the ad campaign was shut down -- six hours later.

But Facebook didn't stop the campaign because it was pushed by hackers, Lau said. Facebook shut it down because his credit card had expired, and he wasn't able to pay for the ads.

Facebook enlists Ray-Ban maker to help develop 'Orion' smart glasses, a secret project underway for several years

Facebook enlists Ray-Ban maker to help develop 'Orion' smart glasses, a secret project underway for several years Facebook has partnered with Ray-Ban maker Luxottica to develop augmented-reality glasses. The glasses, code-named 'Orion,' would allow users to take calls, show information to users in a small display and live-stream their vantage point to their social media friends and followers. © Provided by CNBC LLC Mark Zuckerberg, chief executive officer of Facebook, attends the annual Allen & Company Sun Valley Conference, July 13, 2018 in Sun Valley, Idaho. Facebook is also developing an artificial intelligence voice assistant that would serve as a user input for the glasses, CNBC previously reported.

when the Facebook ad account is hacked and they change the settings for authorised payment. Re: Facebook Ireland Ad Scam . I have become a victim to the same hacking theft and have been www.cnet.com/news/ your - hacked - facebook - account - may - be - bankrolling - scam - ad - campaigns /.

Individuals who post spam within this subreddit may be temporarily or permanently banned. Nobody hacked from your bank. That's not even a real sentence. Somebody probably stole your credit card information, set up a facebook business account to run scam - ads and lure other people to scammy

"Had my credit card not been expired, they would have run the ads for $10,000 or more," Lau said. "It could have been days before I found out."

He said he "freaked out" once he saw what hackers were trying to charge on his account -- and then he grew angry at how the fraud was allowed to play out under his name.

Lau isn't the only person with growing frustrations over Facebook's handling of fraudulent ads. The more than 2.45 billion people who log on to Facebook each month make an attractive target for ads with malicious links, and utilizing someone's ad account has become an increasingly popular way for an online criminal to bankroll the scam for free.

Hackers are targeting ad accounts and using victims' money to promote scam posts.© CNET

Hackers are targeting ad accounts and using victims' money to promote scam posts.

Facebook's new Portal smart displays: Who's listening and what's happening to your data?

  Facebook's new Portal smart displays: Who's listening and what's happening to your data? The tech giant compromised your privacy and broke your trust. Now, it has a new set of "Smart Cameras" and always-listening microphones for your living room.Each comes with an AI-powered "Smart Camera" that can track you as you move about in the frame during a call, and each comes with the same microphones for voice-activated controls as the originals. You can say, "Hey, Portal," to wake it up and make a video call or any other number of functions, and you can say, "Alexa," to access the full capabilities of Amazon's digital assistant, too.

Hacked and Fake Accounts . Your account should represent you, and only you should have access to your account . You may also want to learn how to protect yourself against malicious software that can potentially compromise your account . Note: If the email associated with your Facebook account

His Facebook account had been hacked . If you”re a moblie phone user you may also be susceptible to hacks since in some countries the network signal is not encrypted. If you use a mobile phone application to access your facebook account check to make sure the signal is encrypted.

It's led to a lot of headaches for the victims. Some ad account owners affected by these hacks have found little help from Facebook and have complained that the tech giant isn't doing much to prevent these attacks. In July, Digital Trends detailed several cases in which Facebook's customer support failed to help people whose ad accounts had been taken over.

They're essentially using free money from stolen Facebook accounts to then commit credit card fraud.
Henry Lau

Another blogger described how hackers took over his Facebook account and started running ads at £1,200 (about $1,550) per day, and how he didn't get an alert until PayPal notified him about the transaction.

"This is, and has been growing to be, an even more viable opportunity for fraudsters and cybercriminals," said Emily Wilson, vice president of research for data protection service provider Terbium Labs. "There's a lot of people on Facebook, and they're often interacting with it quite mindlessly. Cybercriminals only need a small percentage of people to click on the wrong ad."

Expanding the 'Squad:' U.S. liberals challenge moderate Democrats to move party left

  Expanding the 'Squad:' U.S. liberals challenge moderate Democrats to move party left Expanding the 'Squad:' U.S. liberals challenge moderate Democrats to move party leftNow the 26-year-old immigration lawyer is gunning for her former boss' job, saying his values are out of touch with the sprawling south Texas district he has represented for 15 years.

"Your Account Was Hacked " is one of the many scams (spam campaigns ) that are used to trick people into paying cyber criminals. There are two versions of the "Your Account Was Hacked " spam campaign , however, they are essentially identical.

Facebook hackers could lock you out of your account and hassle your friends and family. Other signs that your account may have been hacked : Your personal data, including your password If your account wasn’t simply hacked , but is sending out ads and spam to your friends, you must report it as

Facebook said that it takes measures to prevent these kinds of hacks and also keeps a close watch for any ads that lead to malware. When it approves an ad, the company said, it checks the website that the post leads to and will ban people who direct viewers to malware.

"Linking to landing pages containing malware is against our policies. When we find bad actors using techniques like cloaking to avoid our reviews, we immediately take action and remove their ability to advertise on Facebook," a company spokesperson said in an email.

Facebook has taken several measures to protect people from ad scams, like rolling out tools to report these schemes in the UK. To prevent foreign election interference, Facebook added a new authorization process for political ads, in which you need to verify your identity and mailing address.

But hackers have been able to circumvent these protections by taking over people's accounts instead and running ads under someone else's name. And even if the campaigns are banned within hours, cybercriminals have found that they're able to trick hundreds of people on Facebook within that window.

Here's what you need to know about Facebook's controversial Libra cryptocurrency

  Here's what you need to know about Facebook's controversial Libra cryptocurrency The project has run into headwinds."As I have examined Facebook's various problems," California Rep. Maxine Waters told Zuckerberg as she opened a hearing before the House Financial Services Committee. "I have come to the conclusion that it would be beneficial for all if Facebook concentrates on addressing its many existing deficiencies and failures before proceeding any further on the Libra project.

A new email phishing scam emerged today that tries to blackmail you for Bitcoin. Beware of an email message that claims someone has hacked your account . Email message campaigns like this have been making circulation following recent breaches that occurred on websites like LinkedIn and Adobe.

This is guaranteed to work… First log in to your messenger if you can, click on view profile of anyone in one of your messages. This will give you temporary access to add a phone number. If you can't do that have a friend report your messenger as

Using 'free money' to commit fraud

The ad posted using Lau's ads account was a video clip of a toy wagon for kids and purposely listed with a pricing error -- showing five items for the normal price and one item "accidentally" listed at 99 cents. Lau said it was designed to make people want to click and buy something immediately, taking advantage of the low prices and perceived mistake.

Though the ads weren't promoting any real products, they were doing something valuable for hackers: The fake sale site had credit card skimmers embedded on it, Lau said. People rushing for a deal online would instead end up giving away their credit card information to hackers.

a screenshot of a cell phone: The post on Henry's account was a scam to steal people's credit card information. Henry Lau© Provided by CBS Interactive Inc. The post on Henry's account was a scam to steal people's credit card information. Henry Lau

Lau, whose account was taken over because of a compromise on a third party, said the posts reached 64,784 people before Facebook shut them down. The price for reaching tens of thousands of people: $915.95, or $38.16 per promoted post.

Because Facebook ads offer tracking pixels, Lau got a rare inside view of how effective this scam is. More than 3,000 people clicked on the ads, and 813 people added their payment information on the website, according to metrics from Facebook. A small handful actually went through with trying to purchase the fake item, he said.

Inside Facebook's efforts to stop revenge porn before it spreads

  Inside Facebook's efforts to stop revenge porn before it spreads The Facebook team tasked with fighting nonconsensual intimate images spoke for the first time about their research, early missteps and hopes for AI."I just had a gut feeling something bad was about to happen," Zehara, a Los Angeles-based fitness trainer and aspiring actor, told NBC News.

"They ended up ripping off at least 24 people in the hour or so that it ran," Lau said. "They're essentially using free money from stolen Facebook accounts to then commit credit card fraud."

Lau isn't a stranger to the ad industry. He runs Privolta, a company he co-founded that specializes in privacy-focused ads. He said that the ad industry suffers anytime fraudulent ads slip through and that Facebook should be putting in better protections to prevent these scams.

After the hackers launched the $10,000-a-day campaign, Lau saw there was a warning on the checkout page.

"You've set a daily budget that is significantly greater than the average on this account ($231.59). If this was intentional, please ignore this warning," read the Facebook note. For him, it showed that Facebook has systems in place to detect fraudulent behavior but that the company allowed the payment to go through anyway.

"Clearly, if they wanted to, they could," Lau said. "But the problem then becomes, it stops them from printing money. It slows that process."

a screenshot of a cell phone: Facebook raised a red flag that the account spent much more on ads than it usually does, but never notified Henry. Henry Lau© Provided by CBS Interactive Inc. Facebook raised a red flag that the account spent much more on ads than it usually does, but never notified Henry. Henry Lau

Hackers have coveted Facebook accounts for years, often selling them to cybercriminals online, Wilson said. The older an account is, the more valuable it is, she said.

She's found markets where people will set up Facebook accounts and have them lie dormant for five or six years, then sell them in bulk to potential scammers. Older accounts are more valuable because Facebook's fraud detection algorithm is often looking for brand-new accounts, she said.

Lori Loughlin Thinks the Jury Will Be Sympathetic Toward Her

  Lori Loughlin Thinks the Jury Will Be Sympathetic Toward Her Lori Loughlin Thinks the Jury Will Be Sympathetic Toward Her during her college admissions trial, a source exclusively reveals in the new issue of Us Weekly.© Steven Senne/AP/Shutterstock Lori Loughlin arrives at federal court in to face charges in a nationwide college admissions bribery scandal on April 3, 2019 in Boston, Massachusettes. “She feels they’ll believe that the accusations against her don’t merit criminal prosecution,” says the source. “She truly thought she was making a legal contribution to a charity.

But the supply of fake accounts might not meet the demand; not all cybercriminals have time to wait for a dormant account to become available. That's when they turn to real ad accounts, where everything has already been set up for them.

Wilson said that with live accounts, cybercriminals have control only until victims realize they've been hacked. As Lau saw, sometimes just a few hours is all a dedicated scammer needs.

"The way Facebook is designed, and we've seen this play out with serious ramifications, is that it's really easy to run ads for whatever you want," Wilson said. "Facebook's model is to approve first and ask questions later."

a screen shot of a man© Provided by CBS Interactive Inc.
Zuckerberg gets lit up over Facebook and Libra (The Daily Charge, 10/24/2019)

Shut out at Facebook

Lau knew he was lucky that his credit card on the ads account was expired. He was also lucky enough to know people who worked at Facebook who could help him resolve the issue. Most people would have to deal with Facebook's automated process, which has been described as a digital door shut in your face.

Though Lau was able to get back on his account after the hack, Annie Beth Donahue, a writer in North Carolina, wasn't as fortunate.

Her account had been hacked in late September and then banned from Facebook shortly after. She can't even log back in to see what the fraudulent ad was for.

The hackers had taken out multiple ads with multiple payments, two campaigns for $250 each, another one for $750 and a fourth one for $400. She said she didn't even know her account had been hacked until she got messages from PayPal five days later telling her she had spent $1,200 in ads on Facebook.

"Facebook didn't send me a message and say something weird is going on with your account," Donahue said.

Donahue was able to get a refund, but getting her Facebook account back was an entirely different ordeal.

Imposter scams employ new tech and techniques to steal retirees' savings

  Imposter scams employ new tech and techniques to steal retirees' savings "They're retired, you know, they lost everything. And so they're still struggling with paying the bills and everything," said the daughter of one victim.The late-night caller said McGlone's nephew was in legal trouble and needed immediate financial assistance. He'd been in a car accident that had caused the other driver — a pregnant woman — to lose her baby. Thinking his nephew's future was on the line, McGlone didn't hesitate to send the cash requested.

a screenshot of a social media post: PayPal notifications were the only indication that Annie Beth Donahue got that her Facebook ads account was hacked. Annie Beth Donahue© Provided by CBS Interactive Inc. PayPal notifications were the only indication that Annie Beth Donahue got that her Facebook ads account was hacked. Annie Beth Donahue

She struggled to find a live person to speak with, and after looking for two days, got a response from staff at Facebook.

"The live chat lady was not helpful and just felt sorry and said she couldn't help us," Donahue said.

A few hours later, she received an email from Facebook stating that her account violated its terms, telling Donahue that the social network doesn't allow posts that contain "credible threats to harm others, support for violent organizations or exceedingly graphic content."

She still hasn't been able to find someone who's willing to explain to her what posts got her banned, or anyone willing to hear her case that she had been hacked. Donahue said it's been frustrating to hit this wall each time she wanted to get her issue resolved.

Nearly a month after her account got banned, Donahue said she tried making an Instagram account for a business she helps manage. She used the phone number tied to her old account to sign up, and Facebook's automated fraud detection blocked it, she said.

"It's atrocious. It's horrible," Donahue said. "I was so upset with Facebook that if this wasn't part of my job, I wouldn't have an account anymore."

Imposter scams employ new tech and techniques to steal retirees' savings .
"They're retired, you know, they lost everything. And so they're still struggling with paying the bills and everything," said the daughter of one victim.The late-night caller said McGlone's nephew was in legal trouble and needed immediate financial assistance. He'd been in a car accident that had caused the other driver — a pregnant woman — to lose her baby. Thinking his nephew's future was on the line, McGlone didn't hesitate to send the cash requested.

—   Share news in the SOC. Networks

Topical videos:

usr: 3
This is interesting!