It is not new that social networks are mainly financed by advertising. None of them would be crazy to charge users for access, since in this market every careless movement can be fatal.
On Instagram, the ads came slowly, but today they are already a reality in the main feed, in the stories and even in the platform’s exploration guide. Showing that it is a Facebook product, its advertising policies are dubious to the point of making life easier for criminals.
Who has never crossed Facebook and seen a sponsored publication of a page that simulates being a big retailer like Americanas, Magazine Luiza and others? These pages copy the visual identity of these companies and only change the name, which may go unnoticed by the most inattentive users. After all, you believe you are safe since the platform has approved that sponsored publication, which should be carefully analyzed beforehand.
The practice has also been adopted by scammers on Instagram to apply the famous phishing scams. Low prices are offered and attract the attention of the user, who opens the link and ends up on a fake website.
The newest company to be used by criminals is fintech Nubank.
Fraudulent ads appear between stories and draw attention when offering 50% discounts on Uber, shows and e-commerce. It is very easy to be convinced to open the link. After all, in sponsored publications just drag a flashy message up for the user to open the page and Instagram to earn their money.
The victim is then directed to a page asking for his CPF, login password to the Nubank website and the card password. And yes, this information would be sufficient for a series of activities within the fintech app. Note that even without the app showing the main card information, with the card password confirmation it is possible to generate a virtual one and use it linked to the physical model.
There may be many possible discussions around the topic of advertising, such as allowing or refusing to broadcast political pieces, for example. This is a field more on the side of morals and ethics, and in countries that have sought to legislate on the subject, even that of legality. But what Facebook and Instagram allow by “generalizing” their services to advertisers without a minimally effective review is that their platforms are used for typically criminal practices, such as this case.
Of course, users can report such publications when they encounter one. A menu is offered and asks you to provide details about the problem with that post. But should it really be the role of the user to act as a moderator for these platforms?
Remember, the user can take some precautions to protect himself: always check if the publication is part of the official page of a company to which the piece seeks to be associated. This can be detected with the presence of a verification stamp on the page, Twitter or Instagram profile.
In addition, when opening the link confirm that it is the official domain of that store, and not a site with a similar name or with a different ending (for example, .net.br instead of .com.br).
With a little care you can avoid a series of headaches. Digital security is an increasingly relevant topic, and of course, companies could be helping a lot more on this topic if they took some extra precautions.