Facebook scams on the rise: How cybercriminals are turning your feed into a trap

When you think of Facebook, you might picture birthday reminders, travel photos, or a quick check-in with old friends. But behind that familiar blue interface, cybercriminals are hard at work turning social media into a scammer’s paradise.

A young man wearing glasses and a light sweater stands indoors at night, looking at his smartphone with a focused expression. Behind him, large windows reveal an urban cityscape with blurred lights and buildings.

At Norton, we’ve been tracking a sharp uptick in scams spreading across platforms like Facebook and Instagram, many of them leveraging sophisticated tactics to deceive users and steal their money – or worse, their identities. From fake tech support warnings to deepfake ads and impersonated services, the threat landscape on Facebook is evolving faster than ever.

In this post, we’ll explore how scammers are abusing Facebook, what types of fraud are trending, and most importantly, how to stay safe.

Scams are evolving – but the tricks are familiar

Scams are now the most prevalent mobile threat and the second-most common type of malware overall. And while the delivery mechanisms change – social media, messenger bots, mobile ads – the tactics themselves are timeless:

  • Create urgency
  • Trigger fear or shame
  • Exploit emotional or financial vulnerabilities
  • Undermine your sense of security or logic

These psychological tactics are repeated across scam types, but social media platforms like Facebook have become fertile ground for amplifying their reach.

The rise of technical support scams on Facebook

Traditionally, Technical Support Scams (TSS) have lived on shady websites and cold calls. But now, Facebook is the new frontline.

In Q2 2025 alone, we observed a nearly 65% global increase in Technical Support Scam activity – with 14% of blocked threats on Facebook being TSS-related, as reported in our Gen Threat Report. The scam often begins with a malicious ad or post that appears innocuous, but once clicked, redirects you to a landing page that imitates the Facebook Messenger interface.

From there, things escalate quickly:

  • The fake page locks your browser, making it appear frozen or infected.
  • A popup warning urges you to call a toll-free “support” number.
  • On the other end? A scammer posing as a legitimate tech support agent, eager to "fix" your problem—for a fee, of course.

This new twist on an old scam leverages social media’s trust factor to boost its success rate. After all, if it’s on a trusted social media platform, how dangerous can it be?

Why Facebook is so effective for scammers

Facebook’s massive global reach, personalized ad targeting, and interactive features make it a goldmine for scammers. Consider this:

  • Users are in a casual mindset, often multitasking or distracted.
  • Ads can be hyper-targeted based on age, location, and interests – so a scam can look like it was made just for you.
  • Messenger bots and Forms offer easy ways for attackers to collect your information under the guise of customer service or prize giveaways.

Even worse, fraudulent Facebook Pages or fake profiles often mimic legitimate companies, adding another layer of deception.

Financial scams: From deepfakes to fake legal services

While TSS is alarming, Financial Scams on Facebook surged even more – by 340% in Q2 2025.

These scams often come dressed as investment opportunities, legal settlements, or miracle products. Many rely on increasingly realistic visuals, including deepfake videos, to build trust.

Here’s how they usually unfold:

  1. An eye-catching ad (e.g. “Government program to erase debt!” or “Invest like this billionaire!”).
  2. A landing page that mimics news websites or testimonial pages to boost credibility.
  3. Some even offer help avoiding scams while secretly being scams themselves.
  4. You’re asked to fill out a form, chat with a bot, or call a number – all tactics designed to collect your personal and financial information.

Fake legal services are also on the rise. These schemes may promise compensation from lawsuits or data breaches, using stolen logos and persuasive copy to reel you in. But instead of receiving a check, you may find yourself defrauded – or worse, a victim of identity theft.

Browser hijacking and malicious push notifications

In a newer twist, some scams use malicious code to hijack your browser and deliver persistent scam content even after you've left the original site. These push notifications mimic system alerts or antivirus warnings, and they’re incredibly hard to shake once you’ve clicked “allow.”

We’ve seen a 300% increase in these deceptive browser alerts – especially those initiated through ad redirects or scammy landing pages.

Real-world example: Sextortion & fear-based scams

Some scams don’t go after your wallet right away – they go after your fear. Sextortion scams have seen a 100% increase in risk ratio, relying on messages that claim you’ve been recorded doing something embarrassing and that you must pay to avoid exposure.

These scams often begin on social media, where the attacker may send a message pretending to know you, or lure you in with flirty comments or fake video links.

How to spot a social media scam

Here are a few red flags to watch for:

  • Too-good-to-be-true offers (miracle cures, debt forgiveness, government grants)
  • Urgent warnings about your account being hacked or needing immediate support
  • Deepfake or overly polished ads featuring celebrities or news anchors
  • Requests for payment via gift card, crypto, or wire transfer
  • Generic names or misspelled URLs in ad links
  • Pushy pop-ups asking you to call tech support

If you’re ever in doubt, don’t click, don’t call, and don’t reply.

What Norton is doing to help

At Norton, we continuously monitor scam trends across all digital platforms and devices. Our security solutions help:

  • Block scam websites before they load
  • Warn you about malicious browser redirects
  • Detect scam ads and fake tech support pages
  • Protect your personal and financial data from phishing attempts

Awareness is your first line of defense. By understanding how these scams work – especially on social media platforms– you can reduce your risk of becoming a target. Tools like Norton 360 Deluxe can help safeguard your devices from online threats hidden in scam messages, fake ads, or fraudulent transactions, while also protecting your privacy across the web. Anyone can be targeted. That’s why it’s critical to recognize the warning signs and stay prepared to act if a scammer tries to trick you.

Stay safe: 6 quick tips for avoiding social media scams

  1. Don’t click on suspicious ads or messages – even from friends. Their accounts could be compromised.
  2. Use strong, unique passwords and enable two-factor authentication.
  3. Turn off push notifications from unknown sites.
  4. Check URLs before clicking, especially on ads and forms.
  5. Report suspicious content directly to the platform.
  6. Install trusted security software (like Norton) to help spot scams in real-time.

Scammers are opportunists. As platforms evolve, so do their tactics – and Facebook, with its massive reach and personal touch, is a prime hunting ground. But by staying informed, thinking critically, and using reliable security tools, you can scroll, share, and chat with confidence.

EL
  • Emily Lockwood
  • Staff writer
Emily Lockwood covers various cybersecurity topics, primarily focusing on identity theft.

Editorial note: Our articles provide educational information for you. Our offerings may not cover or protect against every type of crime, fraud, or threat we write about. Our goal is to increase awareness about Cyber Safety. Please review complete Terms during enrollment or setup. Remember that no one can prevent all identity theft or cybercrime, and that LifeLock does not monitor all transactions at all businesses. The Norton and LifeLock brands are part of Gen Digital Inc. 

Contents

    Want more?

    Follow us for all the latest news, tips, and updates.