Beware of scams on your business’s Facebook account

Fraudsters could hack into your business’s Facebook account and use your money to advertise their products online.

Running targeted ad campaigns on Facebook can be a great way to drive customers to your business. But while the social media giant’s enormous reach means it has become an important part of many business’s customer recruitment strategies, Facebook also attracts unsavoury users. A growing number of businesses have had their ad accounts hacked, and found themselves with a whacking bill run up by their attackers.

The story is depressingly familiar. Businesses that have set up legitimate advertising campaigns on Facebook – the cost of which depends on the number of views each advert gets – suddenly notice a jump in what they are being charged. Sometimes, the bill goes over the maximum spending limit they have set on their accounts; it may run into tens of thousands of pounds.

The explanation is that their account has been hacked. Fraudsters are using the business’s account to run ads of their own. They may also have access to the business’s settings, enabling them to change spending limits and other controls. This can also make it difficult to put a stop to the fraud, even after the business has spotted the problem.

A costly problem

Facebook won’t say how frequently this happens, but the number of small businesses reporting problems appears to be growing. And while the social media giant doesn’t necessarily demand payment when ad spending is run up by fraudsters, it won’t guarantee all losses are refunded. Besides, the true cost of fraud for a business dependent on its Facebook advertising activities may go way beyond the bill run up by the fraudster. It may be impossible to continue running genuine campaigns while trying to fix the issue.

As with most online fraud, there is no single vulnerability that enables fraudsters to attack Facebook ad accounts. Your business could be targeted in many different ways. Certainly, phishing attempts remain rampant – where fraudsters send out emails purporting to be from Facebook in order to send you to a fake website aimed at stealing your login credentials. If you use the same login details for multiple sites, the problem may also lie with a breach of security elsewhere.

However fraudsters are also becoming more creative. One common scam sees fraudsters posing as customers so they can send over documents to make an order. The document includes malware that installs on your computer and compromises your security.

The more people in the business with access to the ad account, the greater the risk of a compromise. Each user with admin rights to the account becomes a potential target for fraudsters. It therefore makes sense only to grant such rights to those who genuinely need them – and to delete privileges as soon as they are no longer required.

Facebook says some basic cyber-hygiene will offer a good level of protection. It urges ad account users to set up two-factor authentication. This requires users to provide both a unique code and a password to log into the account, and sends out an alert each time someone tries to log in from an unrecognised device. Small business owners can also enable “login request”, asking them to approve or deny request for access following these alerts.

Facebook also advises businesses to keep the phone number and email address linked to their device updated. This can allow customers to recover their account more quickly. It is possible to report questionable content and accounts by tapping the three dots above posts, or by reporting an account directly from its profile.

In addition, Facebook says it never sends small businesses direct messages; instead, it uses email. Therefore businesses should never respond to a message sent by an account claiming to be Facebook – it is likely to be a scam.

Securing your Facebook account

However, despite taking careful precautions businesses do run into problems. One difficulty is that getting support from Facebook can be difficult. The company is heavily dependent on user guides and help pages on its websites, and so finding a way to speak to someone at Facebook either by email or on the phone is not straightforward.

Some simple steps will help. If you know which admin account is being used to compromise your business, you can remove its access privileges via your settings pages. You can also use these pages to secure your account, even if passwords have been changed. Facebook’s Help services also give you a means through which to report a problem and to request support. This may be necessary to avoid being stung for charges or to get a refund if you’ve already paid out for ads that weren’t yours.

Recommended

Britain’s ten most-hated shares – w/e 9 August
Stocks and shares

Britain’s ten most-hated shares – w/e 9 August

Rupert Hargreaves looks at Britain's ten most-hated shares, and what short-sellers are looking at now.
10 Aug 2022
Aviva: One for income investors to tuck away
Share tips

Aviva: One for income investors to tuck away

Insurance giant Aviva is one of the highest yielding stocks in the FTSE 100 – and it’s cheap, too, making it a tempting target for income investors. R…
10 Aug 2022
Director dealings w/e 5 August: what company insiders are buying and selling
Stocks and shares

Director dealings w/e 5 August: what company insiders are buying and selling

Directors’ share dealings can often give investors an insight into the sentiment of company insiders. Here are some of the biggest deals by company di…
9 Aug 2022
Is abrdn’s eye-catching 9.2% dividend yield sustainable?
Share tips

Is abrdn’s eye-catching 9.2% dividend yield sustainable?

Shares in investment manager abrdn currently yield 9.2%. Generally speaking, says Rupert Hargreaves, it pays to be sceptical of very high dividend yie…
9 Aug 2022

Most Popular

Are UK house prices finally heading for a crash?
House prices

Are UK house prices finally heading for a crash?

The latest house price figures show a fall of 0.1% in July. With interest rates rising, inflation hitting double figures and a recession on the cards,…
5 Aug 2022
Brace yourself for the return of rationing
Economy

Brace yourself for the return of rationing

Russia is turning off the cheap energy. That is already leading to belt-tightening, says Matthew Lynn. Who will suffer most, and which sectors will th…
5 Aug 2022
Fear of missing out – what should investors do now?
Investment strategy

Fear of missing out – what should investors do now?

Markets have rallied from their mid-June lows. But if you missed out, as most investors did, what should you do now? Max King explains.
8 Aug 2022