Category: Internet (Page 2 of 9)

Facebook Winner Scams

July 17, 2023 / Jesse Mueller / 2 Comments

I imagine most of you have encountered Facebook Winner Scams by now. These posts usually show an eye-catching puzzle, and suggest that if you have the answer, you can comment or PM the poster for some free money. Again, this is a scam.

Using a stolen Facebook account, the scammer is looking for trusting or naive people to contact them. They’ll ask for your CashApp or Zelle account, as if they are going to send you some cash. That’s the ruse. If you cooperate with them, they’re ready to confuse the situation and trick you into exposing your funds.

Do not fall for this and do not reveal your CashApp or other payment account information to these people! Report Facebook Winner Scams to Facebook and the Facebook Group Admin.

After reading one of these sus posts, I had to check things out a little further. Using a sock puppet account, I contacted this scammer:

They clicked my fake CashApp link, which immediately showed me that they were in Lagos, Nigeria. Then I asked them about their location. They responded with a bad word in Yoruba and then blocked me.

An Even Sneakier Variant

Sometimes the scammer alters the post to make this scheme even harder to spot. How this scam works is:

The scammer posts the silly puzzle, telling everyone to search for the hidden item in the picture, and they ask everyone to comment “Got it!” when they find something.
They wait for the comments of “Got it!” to pile up under the post.
They edit the original post, to say something different and show a new photo. The edited info says how you can visit a website for free money or financial aid.

This scam-variant is especially tricky, as the altered post retains the comments from earlier. It shows a lot of replies — from real people, possibly people you know — commenting “Got it!” to this new fake offer for cash. To a trusting first-time viewer, it may appear that all of their friends are truly getting free money.

If you see this, don’t believe it, and definitely report the post. And you might reach out to anyone you recognize in the comments. You can let them know that they might want to delete their comments and report the post, too.

Big Tech Status Websites

July 8, 2023 / Jesse Mueller / 1 Comment

Even the biggest tech companies have outages and service failures. If your email or website is on the fritz, it may not be your fault. If iCloud or MS Teams won’t load, it could be their problem to fix. Bookmark this post or any of the Big Tech Status Websites below, so that you can check them at the first sign of trouble.

Microsoft Service Health – relevant to Outlook.com, Teams, OneDrive, Skype and more

Apple System Status – ranging from iCloud to AppleTV+, from Siri to MacOS Updates and many, many more

Google Workspace Status Dashboard – pertaining to Gmail, Google Drive, Google Docs and various other consumer apps

Meta Status and Outages – covering Facebook, Messenger, Instagram and related APIs

As I find other useful big tech status websites, I’ll add them to this post.

Service Scams on Facebook

July 3, 2023 / Jesse Mueller / 0 Comments

I have previously blogged about all of the duct cleaning scams on Facebook. And while I’ve gone on at length about that particular scam, it seems that duct cleaning scams are just the tip of the iceberg. There are a myriad of service scams on Facebook. Here’s what I’ve been studying and want you to know about:

Various Types of Service Scams

The service scams on Facebook come in different flavors. You might encounter:

How These Scams Play Out

These scams are carried out differently from other tech operations. Services scams on Facebook can actually result in service! Whether you ask for your ducts or your cars to be cleaned, the scammer will schedule with you (over Facebook Messenger), and someone will come to your address.

But the problems occur after the person arrives. Someone who has gone through with the contracted service might notice:

The service was not performed well, or the worker made mistakes and damaged things.
The work provided was carried out without proper licensing or insurance.
The bill presented was significantly more than the estimate or proposal.
Service was paid for, and problems with it were discovered later. Requests for follow-up were ignored, and the scammer later blocked the victim on Messenger.
Extra charges were made to the credit card without warning.

Protip: When hiring anyone for services, know the name of company you’re dealing with. When they arrive, that company name should be evident, either on their vehicle or on business cards/printed materials or their uniforms. If you’ve hired a company, but the worker at your door can’t name that company, something fishy is going on.

Why I Call This a Scam

Sometimes people actually get acceptable service from one of these Facebook posts. This being the case, you might argue: Is this really a scam? Or is it just luck of the draw, whether you get a good service provider or a bad one? I say it is a scam, and here’s my take on it:

The Facebook posts for duct cleaning or car detailing are deceptive. No company name is offered. The posting account is designed to show an American-looking name and a good-looking North American person or couple. They claim to be new in your town and just starting up a business. But it is all a charade. Everything is arranged using sock puppet accounts.

I’ve chatted with several of these service-scammers, to learn more about their schemes. I’ve sent some IP logging links to them, and for those that click, it typically shows me that they are in Pakistan. If I point this out to them, they block me instantly.

Ultimately, all of this deception puts you the consumer at risk. When you hire one of these service-scammers, you are paying money to some untraceable agent halfway around the world. S/he refers the job to someone in America, who then appears at your door to perform the task. And because the worker is not connected to a local or licensed employer, any of the aforementioned problems could occur. And should you call the police, the worker and the Facebook scammer are ready to vanish. All consequences will be evaded.

How to Recognize and Avoid These Scams

These scam Facebook offers can closely resemble legitimate service posts. It can be tricky to discern the crooks from the honest people trying to make a living. Here are some things to look out for:

Ask for the company name, phone number and website. Legitimate service providers will offer this as soon as you ask, if not sooner. Scammers will be cagey and dodge your question, or just give you an out-of-area number.
Nowadays, scammers use great English! But there are still “tells”. If they type “kindly” in a sentence, or if the language feels a bit off, ask if you can call their office to schedule, or simply move on.
Select and copy (Ctrl+C) the first sentence or two from their post. Then, click into the search field that Facebook offers. Paste (Ctrl+V) the verbiage from the post and see what turns up in search results. Many scam posts are duplicated all over the country, and this tactic quickly exposes many FB scams.
Look at the Facebook account that posted the offer. If the profile is Locked, then they are not from the USA, as that option is unavailable in America. If the account has many friends from other parts of the world, then that account may not be from a local. And scammers often click Like their own photos, so that should be another tip-off.
Find your needed services through personal referrals. Your friends and neighbors are unlikely to steer you towards one of these questionable outfits.

Other Dos & Don’ts

If you recognize a Facebook post as a scam, report it! Click the 3-dots next to the post and use the Report options to report it, first to Facebook and then also to the admin of the FB group. Just, don’t get your hopes up about Facebook’s response.

When paying for any kind of service, a credit card is best and protects you the most. Debit card transactions often cannot be reversed, and Cash App/Venmo/Paypal may not be able to help much after you’ve paid someone.

Microsoft Support Alert Scams

June 23, 2023 / Jesse Mueller / 1 Comment

Microsoft Support Alert scams are very common on the internet. Please review these details, in case you meet one. Foreknowledge will help you avoid becoming a victim!

What This Scam Looks Like

Support Alert scams appear as you surf the internet or open email. They are a type of pop-up, but don’t present like an advertisement. Check out this screencap of a recent support alert scam:

You can also safely see it in action this YouTube video. But there are some other critical details to this scam when it appears:

A loud tone may play, followed by a robotic voice. It may announce alarming things, like “Your computer has been locked”, “Do not shut off your computer”, or “Your identity has been compromised”.
All other windows that were open may be hidden and inaccessible.
The mouse cursor may disappear.
The X buttons and other elements will not respond to clicks or keyboard entry.

How You Might Meet this Scam

Here are some examples of how and when you might be accosted by this particular scam:

Clicking on a Sponsored Post or Ad on Facebook
Viewing a Celebrity Death Hoax article on social media
Visiting a Sponsored link or deceptive website from search engine results
Misspelling or mistyping a URL in the browser address bar
Clicking a link sent to you in a spam email or unexpected private message/text

Microsoft Support Alerts also originate from adware and malware installed on a computer. If this scam pops up frequently, then the computer may be infected!

What to Do When You Meet This Scam

Many people encounter this scam and feel helpless. The mouse doesn’t respond, the ‘X’ buttons do nothing, and the robovoice is urgently insisting to call the number before doomsday begins. But this is all part of the psychological ploy to get the victim to make the wrong choice (calling the number leads to an immediate remote control scam). Never call the number shown on these messages. Here are the right things to do:

Turn down your speakers, if the noise is too much for you.
Press CTRL + ALT + DEL on your keyboard, and then click the power icon to the lower-right. Choose Restart.
Or, press AND HOLD the power button on the computer, until it turns off. Let go of the power button and press it again to turn the machine back on.
When your computer is power back up, open your browser and see if you can use the internet normally again, but do NOT click Restore Pages, if asked. If you click Restore, you will resurrect the scam popups!

The messages on-screen may specifically tell you to not turn off your machine, but that is part of the scheme. Please do not believe it. Rebooting the computer is key to getting away from this scam!

How to Protect Against This Menace

This type of scam is powered by basic web pop-ups, so most antivirus programs won’t help. But there are other tactics & tools to lessen the likelihood of seeing this pop up:

Install an ad-blocker in your default browser. I like AdBlockPlus best.
Install Trafficlight in your default browser to reduce bad results in your searches.
Consider using FB Purity, if you spend a lot of time on Facebook.
Go into your browser notifications settings, and select “Don’t allow sites to send notifications”.
Resist clicking on any salacious news items, lotteries & giveaways or offers that are too-good-to-be-true.
Never click links in spam (email, texts, private messages).
Be careful when typing in any URL from scratch, as cybersquatters are ready to capitalize on your typos.

Despite all of these protections, you may still see a Microsoft Support Alert scam on your system someday. The creators of this are devious and determined to get around all barriers, and get better at their efforts everyday. So be ready to reboot, and you’ll be OK!

Facebook Copypasta

May 19, 2023 / Jesse Mueller / 0 Comments

If you see this stuff on Facebook, don’t pay it any mind. And don’t copy and paste it to your feed or anywhere else. It’s just junk, it’s Facebook copypasta, and you don’t need to be part of this paperless chain letter.

You can read more about this rubbish on Snopes. This one has been making the rounds for several years…

Have you seen something else on Facebook, where it asks/urges/demands that you copy and paste it into a new post? Don’t do it. The push for you to copy and paste on Facebook should be a red flag that something is not right.

If you choose to copy and paste something, that could be different. Perhaps you want to spread some info, but make some changes first. Maybe you want to remove a name for privacy’s sake, or edit the grammar and spelling to clean it up a bit. That’s legitimate, and you decided to do it.

But when another poster is pushing people to copy and paste, there are different reasons for that, and they are not good.

Facebook intends for people to spread posts using the Share function. This creates a trail, so that you can see where a post came from, leading from one Share to another. This also means that if the original Shared post is removed for any reason, the entire Share-hierarchy disappears.
But with copypasta, every post is independent. If the original is removed, no other posts are affected. This means that a misinformation copypasta is going to be far more difficult to eradicate or correct. And it may also lead to misinformation growth, as the post may be changed and added onto with each successive copy.
Copypasta defeats privacy boundaries on Facebook. A post in a Facebook group cannot be shared beyond that group. Another post that was set to “Friends Only” cannot be seen by the Public, even if Shared. But copying and pasting defeats all of that, because the new post is, again, independent.
The originator may never be found. Facebook and other people can track a Shared post back many levels, and find the source. But after someone starts a copypasta chain letter, they may decide to delete their post that started it all, and exit stage right. Maybe they want to avoid the consequences of their actions? Like Facebook Jail?

In short: Don’t copy and paste on Facebook, unless you decide that it is prudent. Using the Share function is more sensible. But even that doesn’t prevent misinformation or harm. Think twice and check facts before passing anything on.

Starlink Satellite Train

May 15, 2023 / Jesse Mueller / 0 Comments

Alright, folks: if you ever get to see this in your night sky, relax and enjoy the spectacle. This is not War of the Worlds or Independence Day or HHGTTH. It’s a Starlink Satellite Train!

Starlink is the world’s premier satellite internet service provider. And as they expand and improve service, they launch new satellites, in long strings, as shown above. Some people around the globe have been lucky enough to see these as they fly into the stratosphere and enter into service.

You might be surprised to see how many Starlink satellites we have orbiting the Earth. If you’re interested in trying to spot the next Starlink Satellite Train, you can check out this site to figure out when the next launch may be visible in the night sky. This article and this site also has information about past and future launches.

Stolen Facebook Accounts

May 12, 2023 / Jesse Mueller / 0 Comments

There is a large rise in Facebook Account Theft right now. I can’t explain the sudden surge, but for the last few weeks, I see people complaining about and suffering from stolen Facebook accounts almost every day. We need to go over the details, so that you are prepared and protected.

How Facebook Accounts Are Stolen

Your Facebook account can be stolen when a bad guy tricks you into revealing your password. Or, a cybercriminal can attempt to reset the password on your account, and then trick you into giving them the reset/authorization code. Then, they set a new password on the account, locking you out and giving themselves all the control.

To finalize the theft, the crook replaces the email address and/or phone number on your account with their own email/number. This makes it nearly impossible for you to recover your account.

Phishing emails are a common way to take passwords from people. Messages or pop-ups that look deceptively similar to real Facebook notices can pressure people to type in their credentials. But right now, I’m seeing a lot of password-theft happening via stolen accounts, using impersonation tactics. Example:

John Doe gets a PM from his cousin, Uncle Buck. “Hey, John! I’m having trouble with my Facebook account, and I need your help. Imma send you a code — can you tell me what that number is? It’ll help me reset my password, thanks!” John Doe thinks he’s helping his uncle, so he waits for the code to arrive by text message. When it comes, he types it in and sends it over.

But Uncle Buck isn’t Uncle Buck. A cybercriminal is inside Buck’s account, and when he gets the code, it allows him to finish a password reset on John Doe’s account. John Doe soon finds this out, when he is forced out of Facebook and cannot log back in. His account has been hijacked just like Uncle Buck’s.

How to Protect Your Facebook Account

Never share any security code with anyone. When a numeric code is texted or messaged to you, it is for your use only. In the wrong hands, that simple code can defeat the security of an important account. This goes for Facebook, Gmail, your bank login and any other online account you use.
Facebook offers some basic security tips at this page. Implement as much of their advice as you can handle.
Consider setting up additional security features for your Facebook account, like 2FA and login alerts. More info on that at this page.
If you get any fishy emails or PMs from people you would normally trust, pick up the phone and call the sender. Figure out if they really sent those message, or if you’re corresponding with some impostor in Scamdinavia.
Change your Facebook password at the first sign of trouble.
Review your Facebook Profile and make sure your Friends List, phone number and other personal info is not viewable by the public. The privacy level on that info should be “Friends Only”, or better yet, “Only Me.”

What to Do If Your Facebook Account is Stolen

Do not delete any security-alert emails that you receive from Facebook. They could be invaluable toward recovering your Facebook. When your password, email address or other sensitive info is changed on your account, you will receive an email. Each message will state: “If you did not make this change, click here.” Sometimes, clicking where indicated is your only hope of reverting the scammer’s change!
Try to recover your account at www.facebook.com/hacked . Alternate links and methods are at this page. I must warn you, though, this process can be time-consuming, frustrating and ultimately unsuccessful. Facebook has made this process difficult, and there is no easy way to contact them.
Contact people outside of Facebook, to let them know your account has been compromised. Tell them to not trust your account until further notice. Ask them to look at your account for any suspicious posts or content. If they see anything that looks bad, suggest to them that they report it to Facebook.
If you want to try to call Facebook, please know that it probably will not help. They do not want to answer the phone for non-paying customers, and at this time, you cannot yet pay Facebook for proper support. But I will give you their corporate numbers in California, just in case: 650-543-4800 and 650-308-7300. Please be careful seeking out other Facebook contact info, as most of the phone numbers you might see in a Google search belong to scammers.
There are many companies on the internet that claim to be able to recover your stolen account, for a fee. Most of these are fraudulent operations. Beware! But one company called Hacked.com seems to be legitimate. I can’t vouch for them 100%, but they have a significant internet footprint and reasonable reviews about the recovery services that they provide.
If all else fails, or the recovery process is too money or time-consuming, make a new Facebook account.

Relevant for Protecting Other Social Media Accounts

This post focuses on Facebook, as that’s where I’m seeing the most harm done right now. But the overall threat and advice is relevant elsewhere. LinkedIn, Instagram, Twitch, Twitter… Accounts can be targeted and stolen on many other social media websites, using the same tactics I’ve described.

And the amount of support you get (almost none) will probably be the same, if you are a free or non-paying user. I will help where I can, but I have no special abilities to get Facebook to do the right thing. It’s up to you to stay alert and not get in a jackpot. Stay suspicious, my friends!