NEWYou can now listen to Fox News articles!
cry
You might already know that Facebook’s biggest strength isn’t the social media platform itself, but the user data it collects.
The data we hand over without thinking twice is what this multibillion-dollar company uses to generate revenue. It sells that data to advertisers, who then try to make money off you by showing ads in the hope that you’ll buy their products. I’ll admit, sometimes the ad platform can be beneficial by connecting small businesses to potential buyers.
However, since Facebook allows almost anyone to advertise with minimal moderation, it often leads to dangerous scams. Security researchers have found that a persistent malvertising campaign is plaguing Facebook, leveraging the reputations of well-known cryptocurrency exchanges to lure victims into a maze of malware.
16 BILLION PASSWORDS LEAKED IN MASSIVE DATA BREACH
An iPhone with Facebook login screen. (Kurt “CyberGuy” Knutsson)
How the Facebook crypto scam works
Bitdefender Labs reports that a malicious ad campaign has been running on Facebook for several months. The attackers use deceptive ads that imitate popular cryptocurrency brands like Binance, TradingView, ByBit and MetaMask. To make the scams seem legitimate, the ads often feature familiar faces such as Elon Musk, Cristiano Ronaldo or Zendaya.
When users click the ads, they land on fake websites that look nearly identical to the real ones. These sites prompt visitors to download a so-called “desktop client.” That download serves as the entry point for a sophisticated malware system.
WHAT IS ARTIFICIAL INTELLIGENCE (AI)?
Instead of delivering malware directly, the fake site launches a silent server on the victim’s device. This server then connects with a back-end channel to receive malicious instructions. The method makes it harder for traditional security tools to detect the attack.
To avoid exposure, the attackers also use advanced filtering and tracking tools. If a user doesn’t arrive through specific Facebook ad links, the website may show harmless content instead. The site also checks for automated tools or sandbox environments designed to catch threats. In some cases, it even blocks access unless the user opens it in Microsoft Edge, showing blank pages in other browsers.
Screenshot showing a malicious Facebook ad. (Bitdefender)
How hackers use fake Facebook pages to spread malware
Bitdefender researchers found hundreds of Facebook accounts involved in promoting the campaign, sometimes posting over 100 ads in a single day. While many of these ads are taken down quickly, they often rack up thousands of views before disappearing.
GET FOX BUSINESS ON THE GO BY CLICKING HERE
One Facebook page perfectly imitated TradingView’s official account, including fake comments, posts and imagery, except for the redirect links that led to the malicious clone. The victims targeted tended to be men interested in technology and finance, and some ads specifically honed in on users in Bulgaria and Slovakia, showing how attackers fine-tune their campaigns based on geography and demographics.
An iPhone with Facebook login screen.
6 ways to avoid Facebook crypto malware scams
As this Facebook scam shows, cybercriminals are getting more creative and more convincing by the day. These tips can help you stay a step ahead.
1. Don’t trust ads just because they look familiar
Scammers have become masters of visual deception. They replicate branding, use celebrity endorsements and mimic official pages to give their ads an air of legitimacy. In the Facebook malvertising campaign, attackers used names like Binance and faces like Elon Musk to earn trust instantly. Instead of clicking on ads, it’s safer to visit the company’s official website directly by typing the URL yourself. Take a moment to verify with official social media accounts or customer service if you’re ever unsure about an ad’s authenticity.
2. Avoid downloads from ad links and install strong antivirus software
In these attacks, users were tricked into downloading what appeared to be desktop apps for trusted services but were actually malware installers. The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.
Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices at CyberGuy.com/LockUpYourTech.
3. Keep your browser up to date
Interestingly, the attackers in this campaign used browser filtering to avoid detection, even prompting users to reopen the site specifically in Microsoft Edge. Using a secure browser like Firefox or Brave can help, and keeping it up to date ensures you’re protected against the latest threats. Tools like content blockers or script filters can also help stop malicious behavior before it starts.
4. Pay attention to the subtle red flags
Even the most convincing fake websites often have tells, whether it’s a slightly off-brand URL, an odd layout or messaging that feels rushed or generic. A secure URL should begin with “https://” and match the official domain name. If a site urges you to act quickly, promises high returns or asks for personal information up front, take a step back. These emotional pressure tactics are a hallmark of modern scams.
5. Add two-factor authentication (2FA) to lock down your accounts
Two-factor authentication (2FA) can provide an additional layer of security in case your accounts are compromised. Even if you accidentally fall for a scam and your login credentials are stolen, 2FA makes it significantly harder for attackers to access your account without the second verification step.
6. Use a data removal service
While no service promises to remove all your data from the internet, using a personal data removal service can reduce your risk of being targeted in the first place. These services continuously scan data broker sites and request removals on your behalf, helping to keep your contact info, location history, and interests out of the hands of advertisers and potentially scammers. Given how this campaign leveraged Facebook data to target users interested in crypto and tech, the less data available about you online, the harder it is for attackers to personalize their scams.
Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com/Delete.
Get a free scan to find out if your personal information is already out on the web: Cyberguy.com/FreeScan.
CLICK HERE TO GET THE FOX NEWS APP
Kurt’s key takeaway
Facebook’s failure to rein in malvertising doesn’t just put users at risk. It undermines the entire point of its ads platform. If people start associating Facebook ads with scams and malware, they’ll stop clicking. And when that happens, advertisers lose money on impressions that go nowhere, eroding trust in the platform’s ability to deliver real, safe engagement. For a company that relies so heavily on ad revenue, letting these threats slip through isn’t just careless. It’s self-destructive. If Facebook doesn’t get a handle on this, both users and advertisers will eventually look elsewhere.
Do you think social media platforms are doing enough to combat online scams? Let us know by writing to us at Cyberguy.com/Contact.
Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM/NEWSLETTER.
Copyright 2025 CyberGuy.com. All rights reserved.
(Except for the headline, this story has not been edited by PostX News and is published from a syndicated feed.)