Free Facebook Credits? It’s another scam spreading virally

Graham Cluley
Graham Cluley
@
@[email protected]
@gcluley

Scam messages appearing to offer free Facebook credits are being seen on Facebook. Here’s an example:

Free Faceebook credits. Want free facebook credits?

Want Free Facebook credits go to <link>
Free Faceebook credits
Want free facebook credits?

(Note that they spell Facebook incorrectly in many of the examples as “Faceebook”)

Sign up to our free newsletter.
Security news, advice, and tips.

Facebook Credits are the currency used on Facebook to buy virtual goods inside games and applications on the Facebook platform. Normally you purchase them with your credit card or PayPal, but clearly there are plenty of Facebook fanatics who would love to receive them for no charge.

So, it’s not a surprise that some users are clicking on the link offering free Facebook credits, and being taken to the following Facebook page.

As we’ve seen in the past, this Facebook page has been created with the intention of getting users into publicising the link to their other Facebook friends.

The page uses a clickjacking technique, whereby clicking on the red and blue boxes will actually invisibly update your Facebook profile with references about how to get free Facebook credits.

If you do agree to click on the red and blue boxes, you’ll be taken to a page not hosted on the Facebook website (but amateurishly pretending to be a legitimate Facebook page) still claiming to offer free Facebook credits.

But if you persist, and continue to click on the links you will find that you are visiting webpages that ask you to sign up for a rewards program or take online surveys. The scammers behind the Facebook Credits messages earn 50 cent commission for every person that enters their information and verifies their email address, and another 50 cents for every person that completes an offer.

Have you received any more Facebook credits after all this? Sadly, no.

But your profile has been updated – in order to advertise the scam further. Check your Facebook profile, and remove references to the Free Facebook credits offer from your feed, unlike the page, and be more cautious in future.

Be on your guard against suspicious posts made by your Facebook friends, and if you want to learn more about security threats on the social network and elsewhere on the internet, join the Sophos Facebook page.


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.