In recent weeks we have seen a number of festivals targeted by a number of sophisticated Facebook phishing scams. We’ve documented how this has impacted Noisily Festival, to bring more attention to this industry-wide issue.
What Have the Scammers Been Doing?
Producing dozens of fake Noisily Facebook pages and events in an attempt impersonate the event:
Creating hundreds of official-looking live stream links to trick fans into clicking through and entering their credit card details.
Infiltrating our FB communities and sharing deceptive links:
Flooding the comments section of our posts with fake live-stream links:
Fake pages had been requesting co-hosting on their events on their pages. Their events were exactly the same as the official events:
Imitating Noisily Festival in the comments of our official social posts:
and even pretending to be part of the Noisily team, taking copy from older posts:
Noisily Festival had been fundraising to survive through the coronavirus pandemic for next year. Its final stage of fundraising was marked with a live stream on Sunday 12 July leading into an announcement that the festival would survive to 2021, thanks to many generous donations and support from the Noisily community.
However, these fraudsters managed to trick fans into entering their credit card details on this final stream, in a highly co-ordinated attack.
Many months of hard work from the festival’s production team and its partners were poured into the fundraising campaign.
What Was Noisily’s Response?
For the last few weeks we’ve had to delete 300+ posts and 500+ comments. Over 15 fake Noisily pages have also been reported to Facebook. Despite this, the scammers have consistently found a way to target our communications.
We have contacted Action Fraud regarding this scam, but have yet to receive a response.
What Can You Do to Protect Your Event?
- Turn off commenting on your posts. Do remember, this also stops comments from your fan base which would usually be encouraged.
- Proactively monitor your Facebook activity; comments and posts. This will require a team to monitor and review the posts and comments that are coming in to ensure no spam comments are getting through.
- Make sure you are keeping track of your entire Facebook page; comments and posts in your event, on your Facebook wall, in your Facebook community groups, and on every social post you do.
- Set up strong comment filters on your page that relate to anticipated kinds of abuse, for example, “https://” or “www.” or “watch now” for spammers. Blocking specific words, and turning on the profanity filter for your Page will help prevent the scam messages get through. You can go this in ‘General’ in your page’s settings. More info HERE.
- Any suspicious posts or comments found need to be flagged, reported and banned.
- Hide or delete any spam comments. Hiding them will allow you to keep track of how many you have received, but your followers won’t be able to see them.
- Ban any usernames/fake profiles you find commenting or posting on your page.
- Make sure your Facebook community groups have ‘membership approval’ on – be vigilant with who joins. If they have no existing friends within the community, a brand new Facebook page and in Bangladesh, they are probably not trying to come to your event.
- Reporting the pages will help Facebook keep track of them. How to report a page: https://www.facebook.com/help/171757096241231
- Report to Action Fraud: https://www.actionfraud.police.uk/ The more reports they receive, the quicker this situation will be dealt with for our community.
What Should You Look Out For?
- Pages of the same name as yours requesting to co-host your event, or you to co-host theirs.
- New Facebook profiles that have been created in the last month.
- Pages with no interests in common to your festival.
- Pages not in this Country; many of the requests we have found are coming from Bangladesh.
- Posting the odd word in your event to look legitimate before then moving in with a live stream post.
Have you or your events been affected by these scams? Let us know.