Facebook Ad Scams are back in the news... but they have always been here
Facebook Ads are back in the spotlight, with the Government ramping up attention after DeepFakes of the Prime Minister started circulating through Facebook Ads. It’s no surprise that fake ads on Facebook remain a massive issue in Australia. Just last year, Australians reportedly lost nearly $300 million to investment scams, most of which kicked off on social media. While the Government has been making noise about tackling this problem—and it seems to pop up in the media every few months—the reality on the ground is that nothing much has changed. The scams are just as prevalent and damaging as ever.
A key tactic is the exploitation of verified Facebook profiles, which are purchased or hijacked to distribute these fraudulent ads. These profiles are rotated across multiple accounts to evade enforcement. Unfortunately, Facebook lacks effective mechanisms for reporting such profiles unless they directly impersonate a brand, allowing bad actors to operate with minimal interference. The ads typically lead to malicious landing pages designed to harvest credit card details or carry out scams. These websites are built using fraud-as-a-service infrastructure, enabling rapid, large-scale deployment that leaves brands and consumers vulnerable.
Scammers are exploiting Facebook's Automated Complaint’s Process
Scammers are exploiting Facebook’s complaints process, leaving brands frustrated and bewildered. They’ve figured out how to game the system, using verified profiles that don’t directly infringe on a brand’s IP to serve thousands of fraudulent ads. These profiles slip through the cracks because Facebook doesn’t offer a way to report them effectively or provide context around the ads they’re serving. To make matters worse, scammers delete the ads permanently once they’ve served their purpose, erasing all evidence and making it nearly impossible for brands to trace or prove the scam’s impact. This leaves brands feeling powerless and stuck dealing with the fallout while scammers continue unchecked.
Adding to the frustration is Facebook’s lack of meaningful engagement with brands affected by these scams. To address Facebook ads scams, they offer an automated complaints process that often fails to address the nuanced challenges brands face. Without direct support or tailored solutions, brands are left to deal with the fallout of scams, including reputational damage and customer mistrust, while Facebook’s enforcement systems struggle to keep up with the scale and sophistication of these schemes.
Fire Initiative should invite industry representatives
Meta’s Fraud Intelligence Reciprocal Exchange (FIRE), developed in partnership with the Australian Financial Crimes Exchange (AFCX), focuses on combating Facebook ad scams targeting financial organisations, particularly Australian banks and large institutions. While this initiative is a positive step in enhancing cooperation and intelligence sharing within the financial sector, its scope is limited. Other industries heavily targeted by Facebook scams—such as retail, travel, telecommunications, and healthcare—are largely unrepresented in groups like AFCX and do not benefit directly from FIRE’s resources.
This lack of representation creates significant vulnerabilities for non-financial sectors, where scammers frequently exploit gaps in enforcement with fake ads, fraudulent websites, and brand impersonation. To address this, we hope that Meta will expand its efforts to include a broader range of industries, fostering collaboration with affected brands and tailoring solutions to sector-specific challenges. Without a more inclusive approach, scammers will simply adjust their target to industries that are not protected by initiatives such as FIRE, and are therefore vulnerable to attack. With more voices at the table, the data would improve, and we’d have a better shot at spotting fake ads before they turn into full-blown financial scams.
Full Reporting Automation has Failed. FB Need to Invest in More Expert Resources
Facebook needs to move on from its heavily automated complaints process and commit proper resources to review complaints quickly and effectively. While automation helps manage the sheer volume of reports, it fails to tackle the complexities of scams that demand context, nuance, and human review. Scammers have mastered exploiting these blind spots, using tactics like verified profiles and quickly deleted ads to evade detection.
The response to legitimate complaints about scams is often an infuriating automated message:
“We reviewed the ad again. Thanks for requesting a review. We reviewed the ad again and confirmed that it doesn’t go against any of our Advertising Standards. We understand that this might be frustrating, so we recommend influencing the ads you see by hiding ads and changing your ad preferences.”
There is no recourse offered—just a suggestion to hide the ad. For brand owners, this is beyond frustrating. It’s clear that Facebook must address this issue urgently to restore trust and protect brands from these continued threats. Facebook Ad scams isn’t an issue that can be ignored, and hopefully Facebook start developing more brand (and cyber security) friendly mechanisms to address this problem.
Remove Fake Ads Quickly and Effortlessly with Unphish
Unphish’s takedown service swiftly and effectively removes fraudulent ads from platforms like Facebook, Google, and others
About brandsec
brandsec is a team of highly experienced domain name management and online brand protection experts. We provide corporate domain name management and brand enforcement services, helping brands eliminate phishing platforms across the internet. Supporting some of the largest brands in the region, we offer innovative solutions to combat threats across multiple industries.