Menu Close
nclocal 0 Comments

Hey NCL family & fans!

Well… it happened again. Just like always, a nice weekend afternoon was ripped apart by our scramble in the off-hours to try and fix a Facebook post from a spoof site. In trying to scam our faithful fans and followers, the Facebook ruse tries to lure individuals to a bit.ly link that is pointed to a linkfly page. It then redirects the unsuspecting user again to a fake login form, or a data collection form to try and scam innocent folks out of their credit card, personal, or email information.

Unfortunately, these scammers are pretty effective. They use some pretty sneaky tricks to try and look as legit as possible. However, if you KNOW what to look for then you can quickly see the difference between a REAL Facebook page (like ours) and a scammer’s attempt to fake a page for your personal info. As a bonus, I’m also going to show you how you can easily report them to help eliminate them from the FB community and keep the space safe for all. Lets dive in!

The Real vs Fake

When you have a look at our page today, you will be greeted with our summer banner and matching profile image. On the desktop, you will also notice the URL of the page is simply facebook.com/northcountrylocal. That’s it. No hyphens. No Numbers. Just the three words, spelled correctly:

…However, if you were to view the Fake page, though eerily similar, you may notice a few differences right away. Notice the URL for this imposter page is filled with bold lettering (more on that below) hyphens and numbers? Although this is only shown on a desktop page, this is a dead giveaway to the fake site. Also, other noticeable differences are the lack of the @northcountry local below the name, the different blue buttons on the page and the lack of the website link below the Learn more button. In addition, I do think the REAL North Country Local page has more than one like, don’t we?

Lets look at these two pages with the mobile view now, and compare the differences side by side. Can you tell the fake page from the real one? Really, besides having the same images and the “same name” (again, not quite, more on this soon), the page is nothing like ours. We have over 300 5 star ratings, 15,000+ followers (many of whom will show up as your friends) and most likely, you already like us. As for the imposter.. not much going on there. Also notice, like with the desktop version, the blue button asks you to like and there is no official URL to northcountrylocal.com:
real ncl mobile screenshotfake ncl mobile screenshot

The Faker’s comments: Dead giveaway

Now, if you follow North Country Local at all, and you watch how we operate, we go to great lengths to showcase our partner pages. Our posts discuss the business we are featuring, talk about their location and services or products, and give instructions on how to enter. We NEVER ask you to log into a page to accepting awards or prizes. However, this is generally what the imposter page asks for. Have a look:

Example of an imposters post will often use singular when referencing themself. “My” comment. “My” reward. NCL is a company and we refer to ourselves as “We” and “Our”

It is a single post with a very brief (copied) paragraph from our original post. Then some fake notice about a comment from “me” and how to redeem to receive the “reward”. Also, we only give away a single prize with each of our posts. Never will we give MULTIPLE prizes away in the SAME post. This just looks silly! How many congratulations did these fakers send out? Unfortunately the spammer’s don’t follow this simple rule and this is what generally gives them away as imposters. It’s sad too, because some fans see these comments and think they won. This creates a terrible nuisance for all involved. Thankfully many, if not all, of our fans that we reach out to fix the situation, understand our system and accept the news of not winning with understanding.

multiple awards in apost
Multiple posts that “Congratulate” users is a clear indicator that the posts are fake and simply there to try and lure users to click through their bitly link. Don’t fall for it.

But that name though…

You are right. the name DOES look just like ours. Kindof. Without getting too technical, the letters you see that are bold, are actually encoded letters often found in URL strings. Ever see a URL that looks something like this:

https://www.example.com/folder/%F0%9D%97%A1

Well that %F0%9D%97%A1 is actually encoding that allows the browser to “see” the string as something else entirely. In this case, that string of letters, numbers, and percentage signs actually means 𝗡. Not just ‘N’ but a special character version of the letter N. These special character, like math symbols, or foreign accents, etc are generally hidden from a standard keyboard.  They are accessible, however, through the windows Character Map app. The site urldecoder.org explains character encoding for a URL as:

URL-encoding, also known as “percent-encoding”, is a mechanism for encoding information in a Uniform Resource Identifier (URI). Although it is known as URL-encoding it is, in fact, used more generally within the main Uniform Resource Identifier (URI) set, which includes both Uniform Resource Locator (URL) and Uniform Resource Name (URN).

The image below actually shows the decoded name of the imposter Facebook account.

url decoder

This is the sneaky part I was talking about. It is actually kind of sophisticated way to skirt the standard usage of the fonts available in Facebook. Unfortunately, because of the global use of Facebook, these special characters can’t be hidden. If they were then we would never see the Spanish ñ, or special vowels like é, å, ō, or ö.

Reporting the Fakes

Now that you have some insight on how to spot the fake accounts, hopefully you can help us combat against them. I’m pleased to say that the Facebook reporting tools to eliminate the spam and false sites are getting better all the time. The tools are built right into the page themself and their team of workers goes through the process manually to eliminate them from the community. It isn’t an immediate change as there is some oversight in the process, however, the response time is fairly quick. So if you will, allow me to walk you through the process of reporting these fake accounts.

STEP 1 – Report

To begin the report of the page, click the three dots on the right side of the page. On a desktop device  it will be next to the search icon. Simply click on “Report Page” to begin the reporting process. On mobile devices the buttons will appear to the right of the message button. Here the options are a bit different, however, simply clicking “Find Support or Report Page” will lead you down the same steps for the following three sections. The images below show where the report button is located. Note the single person that liked/follows the fake account, as opposed to the 15,800+ that follow ours.

report fake instructions step 1
Report the imposter page on the Desktop by clicking the three dots to the right side and above the feed.
mobile report fake instructions step 1
Click “Find Support or Report Page” to report a page on a mobile device.

STEP 2 – Type of report

This first screen gives a wide range of options for reporting pages. For our situation, we recommend submitting within the “Scams and Fake Pages” section as that best describes our scenario. Often times we will also use the Intellectual Property ourselves as the scammer is using our images, name, and logo, but it requires verification of information to prove the page is a fake. it’s public info and you *could* do it, but it’s a bit lengthier of a process, so we won’t go into it here. We should note that the following screens are for desktop devices, however, the menus are identical for mobile.

report fake instructions step 2

STEP 3 – Designate the Imposter

This step allows you to designate how the page is a fake or a scam. There are a few options here that might work for our case, however, the BEST option would be the impersonation option, or “Pretending to be Another Business”. This identification is best, even though it is a fake page, it is a misleading page name change, and eventually they may ask for financial information.

report fake instructions step 3

STEP 4 – Define the original

Now that you have stated that the page you are reporting is a fake, Facebook wants to know who they are impersonating. By typing in “North Country Local” into the search bar, you will be able to look up our page… it’s the one with waaaaay more people that like us. Click on our page to designate us as the original, and submit the form.

report fake instructions step 4mobile report fake instructions step 4

Once you have finalized the form you have officially submit the fake account into a queue for review. Generally it takes a few days for the page to be officially blocked, but we’ve seen a response in as quick as 6 hours or so. Hopefully if enough people submit the form indicating the bad apples on Facebook, the system will isolate and ban them faster. One can only hope.

Final steps

linkfly landing page
Linkfly is a legitimate site that will quickly eliminate fake or scam pages to try and keep it’s relatively new name clean from the bad press

As a final pass on helping us to clean up from these imposters, you can also submit a report on the site that is hosting their landing page form the link on Facebook, in this case a Linkfly site (or bitly, or Linktree, or google etc…). These legitimate sites don’t want to be a playground for illicit activity, so they are generally pretty swift to react too. Sometimes faster than Facebook actually. The imposter page will link to a very generic looking placeholder page. It’s sole purpose is to redirect you to another landing page with a form of some sort to collect your personal info such as email, or credit card information.

Report the Landing Page

You will notice, at the bottom of the Linkfly site that the fake account has used as a landing page, there is a “made by” link in the footer. If you click that link, it will take you to the Linkfly homepage. From there you can go to it’s footer and click on “Report a Violation”. The images below will show you where to click on the landing page of the imposter. It also shows the footer of the Linkfly page to report the fake site:

linkfly report 1
Click on the “Made with” link at the bottom of the landing page to begin the report process.
linkfly report 2
In the footer of the main Linkfly site, click on “Report a Violation”

 

Once you are on the violation reporting page, fill in the information to the best of your ability. It will ask you for the link of the offending page in order to fill out the report. In this case, it will be the URL of the Linkfly landing page that “Congratulates” you with winning. It will also ask you to describe what they are doing that is illegal or a violation in order to fill out the form to submit it. You can add in a paragraph that states something along the line of:

“This page is using Linkfly to scam users from Facebook into thinking they won a prize only to steal personal information and credit card data for illegal purposes”

Of course you can add whatever you want to the form for your reasoning. However, using a full sentence with legitimate reasoning is more likely to resonate with the reviewer. This will in turn speed up getting the page closed down. Here is what the Linkfly form looks like:

linkfly report 3

In closing, be sure to be vigilant on your end. Make certain that the pages, posts and comments that you interact with on ANY site are legitimate. It is easy to see how sophisticated and nefarious users be. They can quickly hijack a post and use it for their own dastardly deeds. Stay safe out there!

Tagged , , ,

Related Posts

Leave a Reply

Your email address will not be published. Required fields are marked *