Top Facebook Scams of 2021 and How to Avoid Them

Summary: Top Facebook Scams of 2021 and How to Avoid Them

Facebook is the most popular social media app in the world, and scammers flock to it to fleece unsuspecting users. Here are some of the most common ways they try.

  • Phishing – emails or direct messages with sketchy links that download malware or capture login credentials on spoofed websites.
  • Romance – friend requests and direct messages that attempt to create a romantic interest with the goal to steal money from the victim
  • Prizes or job offers – claims designed to obtain personal information or money from the victim
  • Shopping – selling counterfeit goods under a faux brand account or selling nothing at all using fake accounts
  • Quizzes and games – designed to elicit personal information in the answers, then hacking accounts with it
  • Friend requests – either from people you don’t know or people you’re already friends with (cloned accounts)
  • Charity pleas – creating fake charities to get donations during times of disaster

Read on to learn more about how these scams work, and things you can do right now to avoid becoming a victim.

Facebook is the world’s most popular social media platform. Each month, more than 2.8 billion users log in to catch up with friends, share information, get their news, and even shop.

The site’s popularity makes it ripe for cybercriminals. With so many active users, fraudsters have a vast pool of potential victims at their fingertips. Even if only a fraction of fraud attempts work, that’s a pretty big payday for any scammer.

According to the U.S. Federal Trade Commission, financial losses from social media scams exceed hundreds of millions of dollars every year.

So, how can you avoid becoming a statistic? It starts by knowing what the most common scams are — and the steps you can take to avoid them.

Most Common Facebook Scams Today

Cybercriminals are an innovative bunch. They are always coming up with new ways to steal from unsuspecting social media users. Fraudsters most often try to get their hands on your account login credentials, personally identifying information, or bank and credit card information.

They attempt this in a variety of ways:

Infographic listing the most common scams on Facebook

You can read more information on these scams below.

Phishing scams

Scams involving fake emails have been around for years, and Facebook users are not immune from receiving them.

A phishing email will include a link and some wording that encourages you to follow the link to Facebook — except it isn’t the real Facebook, just a spoofed website.

Sometimes the message will say that you have compromised accounts. Other times, it will ask you to validate your login information. One growing trend is to send you an email link to reset your Facebook account, claiming it has been disabled for security purposes.

Whatever the reason, the goal is always the same — to get you to provide confidential information to cybercriminals.

Unfortunately, if you fall for this common scam, cybercriminals have all the information they need to wreak havoc in your life. Depending on the information you provide, they can take over your Facebook account and con your friends, pretending to be you. They might also be able to access and drain your bank account or use your credit card to rack up fraudulent purchases.

This strategy isn’t limited to actual emails, either. More and more often, cybercriminals are using Facebook Messenger to send the same kind of links.
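One way to check where a link in such an email or message really leads, shown as an added example that is not part of the original article: the Python code below ignores the link text and path and judges only the hostname. The trusted-domain list, the function name `classify_link` and the sample links are assumptions constructed for illustration.

```python
from urllib.parse import urlsplit

# Assumption for this example: hostnames under these domains count as genuine.
TRUSTED_DOMAINS = ("facebook.com", "messenger.com")
# Brand words that spoofed sites typically embed in an unrelated hostname.
BRAND_WORDS = ("facebook", "messenger")


def classify_link(url):
    """Return (verdict, reason) for a link that claims to lead to Facebook."""
    try:
        parts = urlsplit(url.strip())
    except ValueError:
        return ("suspicious", "malformed link")
    if parts.scheme != "https":
        return ("suspicious", "not an https link")
    host = (parts.hostname or "").rstrip(".").lower()
    if not host:
        return ("suspicious", "no hostname")
    # In https://facebook.com@other.example/ the part before '@' is only a
    # user name; the browser connects to other.example.
    if parts.username is not None:
        return ("suspicious", "text before '@' is not the destination")
    # Non-ASCII or punycode labels can render as look-alike letters.
    if not host.isascii() or any(
        label.startswith("xn--") for label in host.split(".")
    ):
        return ("suspicious", "internationalised look-alike hostname")
    # The leading dot matters: the host must be the domain itself or a
    # subdomain of it, not merely end with the same characters.
    for domain in TRUSTED_DOMAINS:
        if host == domain or host.endswith("." + domain):
            return ("trusted", domain)
    if any(word in host for word in BRAND_WORDS):
        return ("suspicious", "brand name appears in an unrelated domain")
    return ("unknown", "not a Facebook domain")


# Constructed sample links (not taken from real campaigns).
SAMPLE_LINKS = [
    "https://www.facebook.com/login",
    "https://facebook.com.account-check.example/login",
    "https://facebook.com@login.example/reset",
    "http://www.facebook.com/recover",
    "https://xn--facebok-y0a.example/login",
    "https://example.org/offer",
]

if __name__ == "__main__":
    for link in SAMPLE_LINKS:
        verdict, reason = classify_link(link)
        print(f"{verdict:10} {reason:45} {link}")
```

A "trusted" verdict only means the link points at a Facebook-owned hostname; the in-app list of recent emails described later in the article remains the authoritative check for a message's origin.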

Romance scams

One of the oldest scams involves fraudsters posing as love interests to target unsuspecting Facebook users. These faux romancers are people you’ve never heard of before. Scammers pretend they’ve gone through a traumatic breakup or use flattery to woo you. A romance scam is designed to play on your emotions and gain your trust.

This isn’t a short-term effort. Chats build up over the course of weeks and months before the con artist makes their pitch. But it always ends the same way — they eventually ask you to send money. Facebook is one of the most popular spots for catfishing online.

They can use a variety of reasons. One of the most popular is for the “romantic interest” to purchase airline tickets and visas so they can come and meet you in person. Another popular tactic is to say they need help covering their daily living expenses until they can eventually join you.

Screenshot of a fake romantic Facebook message

In all cases, the affection is not real. If you fall for their pleas, you’ll end up with an empty bank account and a romance that never was.

You’ve won! scams

The excitement of winning a prize is hard to resist. The problem is that scammers know this and use that excitement against you. Sometimes they pose as celebrities, other times as big brands you trust. In all cases, the prize is irresistible. All you have to do to claim your prize is to send a small fee to cover shipping or other processing costs. In some cases, you don’t even have to do more than scan a QR code.

The goal is to get you to divulge your personal information and bank or credit card information. Once you do, you never hear from the scammer again, and your only prize is identity theft or an empty bank account.

Bogus job scams

The allure of a high-paying job opportunity might be hard to resist, especially when it comes without having to do anything yourself. But before you say yes to any unexpected offer, understand this is a common technique used by cybercriminals to extract personally identifying information from you.

If you respond to an offer like this, you’ll be asked to provide the typical information needed to start any job — your home address, your social security number, and perhaps even a copy of your driver’s license or passport. Unfortunately, this is all a clever criminal needs to steal your identity. Instead of a job, you get a financial mess to clean up.

Shopping scams

Facebook has grown from a simple social network app to a robust e-commerce platform. Businesses of all sizes maintain a page and regularly promote their goods and services via sponsored posts. Unfortunately, cybercriminals capitalize on the popularity of Facebook shopping, too, particularly with scam ads.

Scammers create fake brand accounts to push counterfeit goods. Other times, they create unheard-of shop names with “too good to be true” offers, then push scam ads like the one below. These unknown sellers offer goods at ridiculously cheap prices but don’t deliver anything at all. Instead, they take your money and disappear.

Screenshot of a fake shopping Facebook account

Fake charity scams

When disaster strikes, it is human nature to want to help. For many, this means donating money. Fraudsters know this, and use crises to reap a quick payday. They create fake charity pages, websites, and even accounts on popular sites like GoFundMe, then promote their “charities” on your Facebook feed. Usually, they ask you to pay via a PayPal account.

Before you give a dime to any charity, take a few minutes to do a little research. There are sites specifically designed for this purpose, including Charity Navigator, Guidestar, and Charity Watch.

Facebook quizzes and games

All those “getting to know you better” and “just for fun” quizzes you see on Facebook seem innocent enough. But these scams are anything but innocent. They are all designed to extract the kind of personal information many people use to create passwords or answer security questions for their online accounts.

Cybercriminals know this and use these quizzes to hack into a user’s Facebook account. From there, they can do a lot of different damage beyond simply taking over your Facebook account.

Fake friend requests

Anyone who’s been on Facebook for a while has encountered this scam. You get a Facebook friend request from someone you swear you are already friends with. This is a favorite tactic by scammers, who replicate entire Facebook accounts to mimic a legitimate person.

When you accept a fake request, you give the scammer insider access to you, even if you have your Facebook account locked down. They engage with you and use your trust to coax you into falling for their other scams, like a bogus link that installs malicious software on your device.

Anyone on Facebook knows the sinking feeling in the pit of your stomach when you open a Facebook private message that claims to have a video of you. These messages come from one of your Facebook connections and say something like “OMG! Is this you?” or “Have you seen this yet?!”

In reality, it isn’t your friend who sent the message. Their account got hacked, and it is a fraudster using your friend’s account (or a cloned account mimicking your friend) to send malware links.

Screenshot of a phishing Facebook message

The purpose? To get you to click on the video or link. Once you do, you’ll usually be redirected to a website that installs malware on your device. Once it infects your computer, tablet, or smartphone, scammers have control and can spread malware to your friends and family.

Nonexistent coupons and discounts

Another tried-and-true tactic is playing to the allure of saving money. Hackers push these great deals to unsuspecting victims in a variety of ways — one of the most popular is through bogus apps that promise great deals. This happens with alarming frequency and is highly effective.

Unfortunately, the app is really a Trojan horse. When the user installs it on their phone or computer in order to claim their coupons or discounts, what they’re actually getting is malware. Once installed on your device, the malware can do many things, like extract confidential information and send it on to cybercriminals. The one thing these malicious apps don’t do? Give you any discounts or coupons.

How to Avoid Scams on Facebook

There are many things you can do to maintain your safety and avoid becoming a victim.

Things you can do within Facebook

From within Facebook, follow these best practices to avoid fraudsters.

1. Lock down your Facebook privacy settings

To avoid attracting unwanted attention from cybercriminals, be sure your account is as private as possible. While you can never hide your profile pictures or cover photos, you can hide almost everything else from those outside your friends list.

You can also tweak your privacy settings in other ways to keep your account safe. Here is how to do so from your phone:

  1. Open the Facebook app.
  2. Click on the down arrow (on iPhone) or hamburger menu (on Android) in the upper right corner of the screen.
  3. Choose Settings & Privacy from the menu.
  4. On iPhone, select Privacy Checkup. On Android, click Settings, which will lead you to another page where Privacy Checkup is. Facebook will walk you through the most common privacy settings, with recommendations for each option.

Screenshot of Facebook's Settings and Privacy panel

2. Enable two-factor authentication

One of the easiest ways to prevent unwanted logins on your Facebook account is to enable two-factor authentication. With this in place, anytime someone tries logging in from an unrecognized location or device, they will also have to enter a one-time code in addition to your username and password. This code is sent to your phone via text message or through an authenticator app.

To set up two-factor authentication on Facebook, do the following:

  1. Open the Facebook app on your computer.
  2. Click on the down arrow in the upper right corner of the screen.
  3. Choose Settings & Privacy > Settings > Security & Login.
  4. Scroll down to Two-Factor Authentication and click Edit.

You’ll be able to set up a secondary method of authentication, based on your preferences.

Screenshot of Two-Factor Authentication Facebook Settings

3. Decline a friend request from anyone you don’t know

This is an easy one. Get in the habit of declining friend requests from anyone you are not familiar with. Unless you are trying to become a Facebook influencer, amassing connections with people you don’t know is unnecessary and unsafe.

The more friends you have that you don’t know, the higher the risk you’ll be approached with some sort of Facebook scam.

4. Ignore messages asking for personal information or money

If you receive a private message from someone you know and they’re pleading for help (usually in the form of money), double-check with this friend off Facebook to verify the legitimacy of their request. Logically, if a real friend is in dire straits, they won’t rely on Facebook Messenger to get help.

Use WhatsApp (or another messaging service) to reach out to them. Go old school and call them. However you do it, take this extra step to prevent being scammed. Most likely (always?), Facebook Messenger requests for help are a simple scam to extract money from you.

Whether it is a phishing email or a private message from a friend, avoid the temptation to click on unsolicited videos or links. If you think a friend sent you something, double-check with them (outside of Facebook) before clicking on anything. Especially when what they sent you involves embarrassing or compromising information about you.

Think about it. Most real friends would probably not send a generic “OMG! Is this you?!” message if they really saw something bad about you.

Facebook may occasionally send you an email that contains links. If you want to verify that the email is legitimate, you can check here:

  1. Open the Facebook app on your computer.
  2. Click on the down arrow in the upper right corner of the screen.
  3. Choose Settings & Privacy > Settings > Security & Login.
  4. Scroll down to Advanced and click Recent Emails from Facebook.

Security and Login Facebook Chart screenshot

Here you will find all the real emails Facebook has recently sent you, both about security and login issues, as well as other topics. If the email is listed here, you can be confident it is the real deal.

6. Check your login history regularly

Be sure to keep an eye on all the places and devices that are logged in to your Facebook account. This helps you get rid of unwanted access quickly.

Here’s how to check your log-in sessions.

  1. Open the Facebook app on your computer.
  2. Click on the down arrow in the upper right corner of the screen.
  3. Choose Settings & Privacy > Settings > Security & Login.
  4. Scroll down to Where You’re Logged In and review for accuracy. Delete any suspicious logins.

Login Sessions Facebook screenshot

7. Use a strong password

Resist the urge to reuse passwords across multiple online accounts. Also, make sure the unique password you use is hard to decipher. The days of using your oldest child’s birthday or mother’s maiden name are long gone. Today’s sophisticated cybercriminals can crack most simple passwords with ease.

Whether you use the password manager included in your browser, enlist the help of a third-party app, or create your own complex passwords (and save them somewhere very secure), your online security is greatly improved when you use strong passwords.

8. Only shop from verified brand accounts

If you are one of the millions of people who shop on Facebook, keep yourself safe by only dealing with verified Facebook pages. This extra step is taken by all reputable brands to reassure potential buyers of the integrity of any transaction.

It is easy to see which brands are verified. They will have a blue circle with a checkmark next to their brand name.

Screenshot that shows a verified Facebook Account

If a Facebook page is selling items but not verified, think really hard before providing personal information or credit card details to them.

9. Search regularly for accounts in your name

To avoid the damage of someone cloning your Facebook account and using these fake accounts in malicious ways, get in the habit of regularly searching Facebook for your name. This only takes a minute and is an easy way to identify and eliminate doppelganger accounts.

If you do find an imposter account, you can report it to Facebook by using the Report Profile feature. Just click on the three dots on a person’s profile and select Find Support or Report Profile.

Find support or report Facebook profile screenshot

Things you can do outside Facebook

There are several things you can do to ensure your safety on Facebook and online in general.

1. Keep your device’s operating system updated

Developers regularly issue patches to deal with security issues as they become known. If you are not in the habit of regularly updating your operating system, your device is unnecessarily vulnerable.

Update your devices anytime a new release is issued. You can turn on auto-updates to automate the process.

2. Report all suspicious emails

If you think an email you received from Facebook is a scam, go ahead and forward it to Facebook. They will take it from there.

The official email to send it to is [email protected].

3. Install antivirus software on all your devices

To avoid the possibility of malicious software being installed on your devices, make sure to have a robust antivirus program installed and running on your smartphone, computers, and tablets. If you are unfamiliar with antivirus software, what it does, and how it works, learn more here. You can also check out our review of the best antivirus programs of 2021 for recommendations.

If you want malware protection right away, we recommend Kaspersky. It is a highly regarded name in cybersecurity with antivirus software that is easy to use and works on all devices.


4. Use common sense

A lot of avoiding Facebook scams involves using simple common sense. An offer that seems too good to be true? It probably is. That video link your friend sent you with the “Is this you!?” comment? Likely fake. The friend request with a suggestive message from someone you don’t know? Probably the start of an eventual money request.

The bottom line is to be skeptical and vigilant whenever you interact on Facebook. Only accept friend requests from people you know in real life. Pass on those incredible offers sent out of the blue. Don’t overshare or give out personal data.

What to Do If You Are a Victim of a Facebook Scam

Even the most vigilant Facebook user might fall victim to a cleverly crafted Facebook scam. There are many ways cybercriminals can hurt you, including:

  • Infecting your devices and spreading malware to your contacts
  • Racking up credit card charges
  • Draining your bank account
  • Ruining your credit
  • Stealing your identity

As soon as you think you’ve been a scam victim, you must move quickly to minimize the damage. Here are some things you should do right away to protect yourself.

Report the scam to Facebook

It only takes a second to report questionable profiles, ads, posts, or messages to Facebook. You will find a Report option on every page, post, and direct message.

Change your password

If you believe your Facebook account has been hacked, change your password immediately. If you’ve used this password on other accounts, be sure to change it there, too.

Whenever your login credentials fall into the hands of cybercriminals, you should also consider changing passwords on all your sensitive accounts, including your bank and credit card companies.

Make sure the new passwords are unique and complex.

Keep an eye on financial accounts

You should get in the habit of regularly monitoring all the accounts where you have money or credit lines. Cybercriminals often initiate smaller transactions to test for success before they go in for the kill.

By identifying suspicious transactions early, you can prevent major damage to your finances and credit.

Freeze your credit

If you think your personal information has fallen into the wrong hands and are concerned about identity theft, be sure to freeze your credit. If you don’t, scammers can do many things, like open bank and credit card accounts, obtain utility and cell service, and even apply for mortgages — all in your name. This can have devastating effects on your creditworthiness.

You can prevent this by freezing your credit at the major credit reporting agencies. When you do, no new credit will be issued under your social security number or name.

In the United States, you can do this at Experian, TransUnion, and Equifax. The United Kingdom and most European countries offer similar services for their respective jurisdictions.

Consider an identity theft monitoring service

If thieves infiltrated your Facebook account or installed malware on your device, it is possible they have all the information they need to steal your identity. The trouble is, you may not catch it early enough to prevent serious damage. Many people turn to identity theft monitoring services to help catch identity theft early.

One such company is LifeLock. Read more about what they do and how they combat the impacts of identity theft in our review. You can also head directly to their website to find out more.


Staying Safe from Facebook Scams

Facebook is a great way to keep up with friends and family. It’s also a convenient place to follow your favorite celebrities, brands, and news outlets. But the social media channel doesn’t come without risks, including numerous Facebook scams.

To stay safe while you scroll, like, share, and comment, you must remain vigilant. Know the most popular types of scams on Facebook. Cast a wary eye on private messages you receive. Don’t accept friend requests or messages from strangers. Never send money to people you don’t trust. Maintain safe online habits, and run antivirus software on all your devices.

These sensible strategies will keep you safe on Facebook and many other social media platforms.


Facebook Scams: Frequently Asked Questions

Didn’t find what you were looking for in our article? Still have questions? Check out the questions we get asked most often about Facebook scams.

Facebook makes it easy to report a suspected scam post, account, page, or direct message. There is always a Report option available on every Facebook screen. Sometimes it is hidden and requires you to click on the three dots next to a profile name.

Just click on the report option, follow any additional prompts, and Facebook will investigate your scam claim.

Phishing emails and romance attempts are two of the most common scams involving Facebook. Phishing tries to get you to click on sketchy links that want your private information or attempt to install malware on your device. Faux romancers try to hook you and convince you to send them money.

There are many other scams that you’ll encounter on Facebook, too. Read our full article about Facebook scams to find out what they are, and how to avoid becoming a victim.

If you think you are a Facebook scam victim, the first thing you should do is change your login credentials. If you used the same password elsewhere, change it there, too. Also, report the scam to Facebook.

You should also keep close watch on your financial accounts for any suspicious activity. Depending on the type of information you disclosed, you may also consider freezing your credit and subscribing to an identity theft monitoring service.

Tech journalist
Liz is a professional writer with a special interest in online privacy and cybersecurity. As a US expat who travels and works in diverse locations around the world, keeping up with the latest internet safety best practices remains her priority.