Over the weekend, I received several legitimate Facebook notifications informing me that my name (and names of others from this friend’s network) were included in spammy posts, claiming that I must try to activate my profile because an impending deactivation of accounts will take place two weeks from now.

The notification (which also shows the content of the spam post) looks something like this:

Screenshot of the email I get from FacebookScreenshot of the email I get from Facebook
(click to enlarge)

The source post originated from an obviously fake profile called Facebook Announcement 2K14, which was created as a community page some time last month.

"All posts here are true!"(click to enlarge)

If you accept its description, “All posts here are true!”, as truth without batting an eye, then it’s highly likely that you’ll fall for whatever this account posts.

In another cases, the spammy post originated from this fake account: FbCeo Mark Zuckerberg, which was created just three days ago:

fake-zuck(click to enlarge)

Below are the messages being propagated by these accounts, respectively:

The two spammy posts in question(click to enlarge)

“Do this before your account gets deactivated!” posts on Facebook are not really new; however, what sets this apart is what appears to be the core target of the scam: most of them are Filipinos. Their objective? ‘Like’ harvesting and profiting via link visits.

When unknowing users followed the directions from these post, any or all of the following may happen without user consent:

  • the affected account auto-‘likes’ certain accounts or the scam purveyor’s own account. Liking an account also follows every post of that account.
  • the affected account auto-follows lists belonging to certain accounts or scam purveyor’s own account
  • the affected account auto-‘likes’ the spammy post
  • the affected account’s look will temporarily change in terms of profile background and shapes and colours of these elements. Sometimes, audio will play in the background.
  • the affected account tags random connections in their network to a post that is posted as a reply to the original spammy post. This seems an easy way for the scammer to monitor or track his or her victims.
  • the affected account is prevented from unfollowing certain accounts or the scam purveyor’s own account

Today, while writing this, a close friend and I continue to receive Facebook notifications telling me that several of our contacts have been duped.

I reported the fake profiles to Facebook and encouraged my friend to do the same. Hopefully, we won’t be the only one pushing for the site to be removed.

If you, dear Reader, have seen something similar or encounter similar fake pages in the future, don’t hesitate to use Facebook’s handy Report/Block… feature. Tinypaste, the service hosting the pages where the scripts are, was also informed about this scam.

Jovi Umawing