Fraudsters exploited Facebook's advertising system to display legitimate news domains while redirecting users to fraudulent supplement sales pages, with one campaign generating over 26,000 clicks through deceptive domain spoofing.
A security researcher discovered a widespread fraud scheme on Facebook's advertising platform where scammers created ads that displayed legitimate news domains like ctvnews.ca and btmontreal.ca in the ad copy, but actually redirected users to fraudulent supplement sales pages. The investigation began when the researcher encountered an ad claiming Sidney Crosby endorsed supplements, appearing to link to CTV News but actually redirecting to espn.l1dh.com and ultimately to supplement sales sites. Analysis of Google URL shortener analytics revealed one campaign generated 26,812 total clicks with 11,246 confirmed from Facebook. The researcher tested Facebook's approval process by creating an ad displaying cnn.com as the destination while actually linking to hunch.ly, which was approved without detection. The fraudulent sites used fake testimonials with stolen photos and likely enrolled users in recurring subscription schemes through 'free trial' offers. The scheme violated multiple Facebook advertising policies through trademark infringement, false information, and deceptive redirects.
Domain classification, causal taxonomy, severity scores, and national security assessments were LLM-classified and may contain errors.
Using AI systems to gain a personal advantage over others such as through cheating, fraud, scams, blackmail or targeted manipulation of beliefs or behavior. Examples include AI-facilitated plagiarism for research or education, impersonating a trusted or fake individual for illegitimate financial benefit, or creating humiliating or sexual imagery.
Human
Due to a decision or action made by humans
Intentional
Due to an expected outcome from pursuing a goal
Post-deployment
Occurring after the AI model has been trained and deployed