Social engineering attempt on Facebook offering reduced rates for local commuting services
In a concerning development, public transit phishing scams have become a widespread global issue, affecting numerous regions and cities on platforms such as Facebook. Countries like France, Spain, the UK, and Germany are among those hardest hit by these fraudulent activities.
These scams, which often disguise themselves as official communications from public transit operators, are part of broader online scam activities. While specific data on public transit phishing scams on Facebook may not be readily available, government transportation agencies like New Mexico's Department of Transportation (NMDOT) have issued warnings about phishing scams that falsely claim to issue traffic tickets[1].
These scams typically request credit card payment details for the supposed purchase of discounted transit tickets. However, the data collected by these phishing sites do not go to the public transit operator or network whose name has been misused. Instead, the information is likely used for fraudulent purposes[2].
Users who encounter such scams are advised to exercise caution. Here's what you should do:
1. Do not click on suspicious links or respond to messages about unexpected fines or tickets[1]. 2. Avoid sharing any payment or personal information through unsolicited messages or calls claiming to be from transit authorities[1]. 3. Block and report the sender or profile on Facebook to help reduce scam spread[3]. 4. Stop all contact immediately if you suspect a scam[2]. 5. Report the scam to relevant authorities and platforms. For example, file complaints with platforms like Facebook and government bodies such as the FTC in the U.S.[2]. 6. Secure your accounts by updating passwords, enabling two-factor authentication (2FA), and monitoring for suspicious activity[2]. 7. Stay informed about common phishing tactics and verify information directly from official transit or government websites instead of trusting unsolicated communications[1][2].
It's also important to note that more than half of the identified Facebook scam pages link to websites hosted on two IP addresses of a Russian provider. These scam pages affect over 700 cities and regions in 60 countries worldwide[4]. Spanish fact-checking organization Maldita.es has identified over 1,000 such scam pages on Facebook[5].
In Germany, 16 scam public transit pages on Facebook have been identified. Users who have fallen for these scams should file a report with their local police or the online police station responsible for their area[6].
As these scams continue to evolve, it's crucial for users to remain vigilant and report any suspicious activity to combat these frauds effectively. By doing so, we can help protect ourselves and others from falling victim to these online threats.
Cybersecurity efforts should address the growing problem of public transit phishing scams, a general-news issue that exploits technology to commit crime-and-justice activities. For instance, warning users not to click on suspicious links claiming to be from transit authorities and alerting governments about scam websites is a crucial step towards improving cybersecurity measures.
