Beware of Facebook Event Bad Actors

Share
  • December 12, 2023

Scammers and bad actors are not new. The methods which con artists use to try and trick people into giving away their money or sharing private, personal information continue to evolve, however. It can be valuable to learn about some of these new scam techniques, especially in our increasingly DIGITAL world. In this post, I’d like to share some details about a scammer I discovered today in the “Food Truck Charlotte” Facebook group, as well as 10 different WARNING SIGNS that the creator of the account and post in question is a BAD ACTOR and LESSONS LEARNED from this situation. I’ll also share the steps I took to report this malicious post and account profile, so it could be deleted / removed. Hopefully these thoughts will help others avoid similar scams in the future and report similar bad actors.

“1-original-post” (CC BY 2.0) by Wesley Fryer

The screenshot above shows the original post in the “Food Truck Charlotte” Facebook group, asking interested food truck proprietors to email “vendingevents2023 [at] gmail [dot] com” to reserve a booth at the SHALLOTTE, North Carolina (note: NOT “Charlotte, NC” which is the focus of this Facebook group) Holiday Weekend Pop-Up Market. Rather than a direct form link and website to connect to for more information, interested parties are asked to just email a consumer Gmail account which anyone on our planet with Internet access could have registered and be using. This was and is warning sign number one.

1. Beware of “Events” Without a Website Link

Full disclosure: I did NOT initially realize I was dealing with a BAD ACTOR when I emailed the provided address. After I received an email response a few days later, after I sent a SECOND follow-up email (also strange they did not reply sooner) I became suspicious when “they” asked me to fill out an Office365 web form (which had several typos and errors) and then requested I send an $80 booth registration fee via PAYPAL, marked as “pay as friends and family for faster processing.” That, of course, would have been a LIE, and was a clear red flag.

“6-email-pay” (CC BY 2.0) by Wesley Fryer

This highlights several more bad actor “red flags.”

2- Be wary of PayPal or CashApp Direct Payments for Event / Vendor Registration

3- Never agree to LIE and mark a payment “for family and friends” when it is really for a business expense

When I became suspicious this could be a scammer / bad actor and not a genuine event organizer, I Googled, “Holiday Market SHALLOTTE, North Carolina December 16, 2023” and found their official event webpage on the domain townofshallotte.org. I also found the Official “Market on Mulberry” vendor application form, which is in MS-Word format and indicates the vendor booth fee is $25 per day, not $80. At that point, I called the Shallotte Town Hall phone number on the officiial form (910-754-4032), speaking to two representatives and confirming that they were NOT soliciting booth fees of $80 on the “Food Truck Charlotte” Facebook page. This highlights warning sign and object lesson number 4:

4- Don’t hesitate to make a PHONE CALL and talk directly with government or organizational representatives

After I spoke with the helpful Shallotte Town Hall representatives and confirmed that I was dealing with a BAD ACTOR on Facebook, I looked more carefully at the profile page of the original poster so I could report them to Facebook group administrators as well as Facebook generally. This was the user’s profile:

“3-facebook-profile” (CC BY 2.0) by Wesley Fryer

I clicked the “three dots” beside VIEW PROFILE to view the PROFILE SETTINGS for the account, shown below. Note the descrepancy between the profile name (“Anne Corinne”) and the profile link (“evans.kipkemmoi.39”). A Google Search for “evans.kipkemmoi” does not yield any direct hits, so both of these names may be entirely invented.

“4-profile-link” (CC BY 2.0) by Wesley Fryer

5- Click THREE DOTS by a Facebook User’s Profile to view SETTINGS and more information

6- Be WARY of Facebook accounts which have different names in the public PROFILE and the actual profile LINK

I used the PROFILE SETTINGS screen in Facebook to REPORT the account to group administrators as a bad actor / scammer. I also used that screen to report the account as a FAKE ACCOUNT. Unfortunately I could not submit any additional details, but if/when the account report is reviewed by a human being (or an AI bot, I suppose) hopefully that “entity” will see that group admins in “Charlotte Food Trucks” deleted the post in question, and that will be viewed as evidence the account owner is acting in bad faith.

7- Use the Facebook REPORTING options to call out scammers / bad actors / fake accounts

Since I was interested to find out, and also teach my own media literacy students how to “trace to the original” as part of our unit on conspiracy theories and the SIFT web literacy framework, I used TinyEye.com to perform a reverse image seach on the profile photo of the “Anne Corinne” profile in question. The result (not surprisingly) was that the image was not found ANYWHERE else online, leading me to suspect it is FAKE and was created with a generative AI tool like thispersondoesnotexist.com.

8- Use websites like TinyEye.com to “trace to the original” when investigating an unfamiliar web source (SIFT!)

In addition to reporting this specific post on the “Food Truck Charlotte” Facebook group as a spam message which violated community standards / group rules and should be deleted, I also posted a comment on the original Facebook group post to provide more information for administrators as well as other group members who might see the post before it was taken down. In the message, I explained my “evidence” for the post being false / fake: It solicited $80 instead of $10 for a vendor fee, and I provided the “official” city of Shallotte vendor form which includes that information.

“2-warning-to-admins” (CC BY 2.0) by Wesley Fryer

9- Add comments to false / misleading posts on Facebook to help others avoid scams

Another warning sign that this “event organizer” was a bad actor was the fact that he/she used multiple email addresses to solicit and collect a vendor booth payment. The original email address posted to the Facebook group was different than the PayPal email address they asked me to send $80 to as “friends and family.” I reported these GMail accounts directly to Google as “abuse” and also reported the address they asked me to use with PayPal to “[email protected].”

10- Report email addresses used for scams / phishing attacks to organizational security teams

Unfortunately, all of these steps took more time than many of us often have to dedicate to an attempted or actual phishing incident. On the good side, platforms (like Facebook and PayPal) provide relatively straightforward links and processes for reporting bad actors and fraud, so it doesn’t take TOO much hunting around to find and use those procedures.

Try and stay safe out there! If you’re not already, you should be using a password manager as well as turning on “multi-factor authentication” on as many websites / for as many web accounts as you can. For more on this topic, check out my TEDxUCO talk from March 2021, “Technology Fear Therapy.” My slides (including all referenced links from the talk) are also available!

“Online Bad Actor” (CC BY 2.0) by Wesley Fryer

If you enjoyed this post and found it useful, subscribe to Wes’ free newsletter. Check out Wes’ video tutorial library, “Playing with Media.” Information about more ways to learn with Dr. Wesley Fryer are available on wesfryer.com/after.

Source : Beware of Facebook Event Bad Actors