On one hand, we’re entering an AI Renaissance. ChatGPT and AI tools are exploding into our lives and will soon change the way we work, live, and play. And yet… Facebook still sucks at detecting basic fraud.
These may sound completely unrelated, but they’re not. These two things contradict each other in laughable ways. We’re preparing to bow to our robot overlords. Facebook/Meta is one of the techiest of all tech companies and is known for advancements in ads optimizationHow you optimize impacts who sees your Facebook ad. Facebook will show your ad to people most likely to perform your desired action. More and machine learning.
So… Why does Facebook suck so bad at this? How can we explain it? How does Facebook explain it?
I’m sure that these things are more complicated than I can ever understand. But, as you read this, you are likely to detect some anger. I’m annoyed. I’m exhausted. I’m tired of trying to explain why this is still a thing. And as much as I want to defend Facebook and the technical nature of managing this stuff, I remain at a loss for understanding.
What I’m going to describe was originally a minor annoyance. Scams that most people realized were scams and Facebook made some minor attempts to eliminate them. But as time has passed, it’s simply inexcusable that this stuff still exists.
Businesses are getting hurt by it. And that, ultimately, hurts Facebook.
The Phishing Scam
What I’m going to describe won’t be shocking. You’ve likely seen a variation of this before. There are a couple of versions of how this phishing scam works.
Most work because they create a Facebook page and then a post that claims you have violated terms. The page either tags a bunch of pages or emails them to drive traffic to this post.
Here’s an example (Note: I’m blocking the link in each of these scams to protect my readers)…
It indicates that your account is going to be deleted if you don’t act. Click that link to appeal, it says. Of course, that’s no Facebook link. You can bet it’s a phishing link.
That post is amazingly from October. Still up today.
Have you noticed a common theme? I’m able to find all of these easily because they’re all under the name “Restriction Details.” All are different pages.
There are lots and lots of them.
Some of these pages are new. Some have been around a while. They use different names, too. In some cases, even the Facebook or Meta name and logo are used.
If you initially get an email directly from the scammer, you may immediately realize it’s fake because of the return email address. But…
That email could also come, amazingly, directly from Facebook. You could get that email from Facebook if you get notifications sent to you that way.
Here’s an example of such an email…
Do you see what’s happening here? This email is actually from Facebook. It’s sent to notify you that a page has tagged you. There’s a very scary message in that email and a phishing link within it.
An unsuspecting victim could see that it’s actually from Facebook and assume that the message within it is also from Facebook. That is one of the primary ways these scammers get people to click that phishing link.
This is so bad that Facebook even suggested one of these posts in my news feed.
People are getting harmed by these scams. And Facebook isn’t doing nearly enough about it.
Why is This So Hard?
Look. I’m tired. I’m tired of reporting these posts for spam and scams every two or three days. And you know what’s crazy? Most of that reporting does absolutely nothing.
Here’s Facebook’s update on a post I reported back in August.
They’ll notify me when my report has been reviewed. I guess that hasn’t happened yet.
In some cases, these pages use Facebook or Meta branding. That should be easy. There’s no reason that such a post should get through.
Beyond that, we see that so many of these pages have similar or identical names. Once the first 100 are flagged, how can we not prevent future pages from popping up?
And some of these pages have existed for many months. You know that people are reporting them. How do they still exist?
This scam isn’t sophisticated. The posts follow a very limited playbook. They say that you violated terms. You have a short period of time to act before your page is going to get taken down. Click this shady link to dispute.
We now have AI that can respond to a loosely-structured question and give us the exact answer that we needed in a conversational tone. Crazy Star Trek stuff.
And yet, Facebook can’t detect a pattern with these pages and posts. I’m no programmer, but this seems like elementary-level detection that’s required compared to what we’re seeing with AI right now.
Why Does Facebook Suck At This?
Okay, I’m not done. Here’s another pathetic example of Facebook scam and spam detection.
Back in June, Facebook announced that they were going to improve business reviews and recommendations. You see, spammers and scammers would use recommendations because they aren’t as easy to remove. Why? Because pages can’t simply remove a negative review.
So, that June update was expected to improve the authenticity and trustworthiness of reviews. Did it? Nope.
Just today, my page received this review…
Wanna know what’s funny? I meant to share a screenshot of a different spam review that was left for me early this morning. But this one just came in a few minutes ago.
Once again, they all follow the same playbook. Completely unrelated to my business. Something to do with money. And then an email address, phone number, or WhatsApp number (or combination).
An authentic review wouldn’t include contact info. Why would it? Any review that includes such information should be an immediate red flag.
At this point, I probably get 20 spam reviews for every one authentic review. It’s made the entire system pointless.
And Facebook either can’t or won’t do anything about it. Or anything meaningful.
This is Going to Get Worse
Look, I get that this stuff is obvious to many of us. It’s really not hard for me to detect spam and scams, report them, and remove them (if possible). But there are two things to keep in mind here.
First, not everyone is as tech-savvy and knowledgeable as we are. These do fool some people. This is harming a large enough group that the scammers remain out in force.
Second, the scams might be easy for us to detect now, but they’ll get far more sophisticated. Why? That same AI advancement that Facebook isn’t using will be used by the scammers to blend in with authentic posts.
I recorded a quick video about this, too. Take a look…
This exhausts me. What do you think? What should Facebook do to get rid of this nonsense?
Let me know in the comments below!