In view of the parliamentary elections in North Macedonia, scheduled for July 15th, activities with which citizens are being manipulated on social networks are on the rise. Commercial brands, most of them banks, have been abused by fake and/or non-transparent Facebook pages, which gathered likes and built an audience, mostly administered from Serbia. There is also a tendency of including so-called third parties, in other words, entities whose main occupation is E-commerce, which opens up the dilemma of the degree to which such activities are really driven by financial interests, and the degree to which they are in the function of disinformation.

 

Noted Incidents with Fake Prize Games

Two or three weeks before the official start of the election campaign for the parliamentary elections, on the social network, Facebook manipulation of Facebook users appeared, through postings about false awarding of certain free gifts, like for example a pool, electric scooter, awning, financial awards (the post has been deleted, but it was a fake prize game in which the logo and the name of the television channel „Сител“ were abused) in the range of MKD 3,000 – 6,000 (approximately 50 to 100 euros). At the outset, it should be noted that there are truly exceptions out there that truly award so-called giveaways or gifts, and this text is not intended to discredit them. On the contrary, we encourage those brands to share this content, as well as to be aware of possible abuses.

Case number 1. The following link shows a Facebook page that does not deal with E-commerce at all, publishing a picture of awnings and stating that: In the next 48 hours we will donate 150 awnings. Everyone who will like and share this page, they will also receive a gift! The image has collected 1,900 emoticons, 840 comments and as many as 6,500 shares so far.

This Facebook page publishes seemingly humorous posts that are actually not honest humor. For example, graphic content with discrimination and misogyny for the Minister of Defense, Radmila Sekerinska, graphic content that encourages ethnic intolerance by presenting that the citizens of Cair,  where predominantly Albanian population lives, are privileged – “You will eat three-days-old bread while in quarantine and in Cair they go shopping and are freely eating burek. But keep quiet, put the bread in the microwave oven and it will soften, just like your brain ”, or glorification of Putin.

Case number 2. Similar manipulation, but this time it’s about donating electric scooters, posted by a Facebook page that sells sneakers. The post „In the next 48 hours we will donate 5 electric scooters. Everyone who will like and share the site will receive a gift as well! Note: Children bellow 15 years of age are prohibited from participating, to the rest of you good luck…” has amassed over 5,500 emoticons, 3,000 comments and unbelievable 14,000 shares. At the moment of publication of this analysis, the post has already been deleted.

Case number 3. A photo published by a fake page, which uses the name of NLB Bank, is being shared these days. As a matter of fact, two identical photographs which have an identical description are in question, but actually they are two different posts, i.e. an identical photograph with an identical description has been published twice in a short time period. The picture’s description states: „
This year NLB organizes a gift for a voucher in the amount of 300 euros. All you have to do is: LIKE, SHARE, and send a message: I love NLB. We are announcing the winners on our site on 17.10.2019. GOOD LUCK“

The photographs were published on 16.10.2019, the same day the Facebook page was created. Obviously, this is an attempt to instantly attract audience through manipulation. The total amount of reactions on these two photographs combined amount to: 3,300 emoticons, over 2,400 comments and 3,400 shares. On June 19th, NLB Bank Skopje published a rebuttal on its real Facebook page. This is not the first time that NLB Bank’s logo and name have been abused.

The fake Facebook page is still active, and it can be seen that its two administrators are from Serbia.

Case number 4. NLB Bank was not the only target of such fraud. „Стопанска Банка“ also published a rebuttal on June 20th, 2020, stating that a fake prize game is currently taking place on a fake Facebook page bearing the bank’s name. Interestingly, in this case, the fake Facebook page has one administrator from Serbia and more than 4,600 followers, from which it can be concluded that this is not a case of misuse of a certain commercial brand, but rather it is a manipulation of thousands of citizens by the administrator of the page.

Case number 5. The logo and the brand of Sparkasse Bank were abused as well. On June 21th, they published a rebuttal on their Facebook page stating that in the moment the bank is not organizing any kind of lottery. In this case as well, the technique was the same: from the photo on the fake Facebook page you can notice that it was created on June 20th, 2020, and among the first posts is the one about the fake lottery.

Case number 6. Despite the fact that the previous cases relate to serious abuses, the most outrageous and largest fraud comes from a Facebook page that sells online, where there is no consumer protection, i.e. there is no website or legal entity, much less can one see who is behind such online sales on Facebook. On June 1st the following post was published: „In the following 48 hours we will donate 1,000 pools. Everyone who will like and share the page will receive a gift.“ What is noticeable at first glance is the improper use and writing in Macedonian. At the moment of publication of this analysis, the post is deleted.

Case number 7. In addition to the involvement of certain Facebook pages that are selling products on Facebook, without any transparency, and the attack on several banks, the national television SITEL was also abused. On June 20th, the television station published a rebuttal which stated that a fake Facebook page was using their name and logo, promoting a fake lottery. The fake Facebook page has since been deleted.

 

Incidents noted in the past

On several occasions in recent years, like for example on August 28th, 2019, the Ministry of Interior of North Macedonia announced that criminal groups were collecting personal data from Macedonian citizens through fake prize games on Facebook, and spokesman Toni Angelovski said, “Most often these Facebook profiles are created in other countries and therefore the Ministry of Interior cooperates with the police organizations in clearing up these cases”. On March 21th, 2020, the Ministry of Interior again appealed to the citizens not to fall for the fake prize games on the social networks. By the end of 2018, several large companies were targets of such fake prize games posted on Facebook, and among them were: KAM, Tinex and Makpetrol.

 

What is the goal and what are actually these frauds

The main goal of such scams is to gather as many likes or followers of a certain Facebook group as possible. In this way, fraudsters reach a large number of users. Additionally, the more shares and interactions a certain Facebook post has, the more the Facebook algorithm increases in scope and reaches a larger number of users. Why fake prize games? Most often, the topics that are used to manipulate the citizens in this way are emotional. In that sense, the economic situation of some of our citizens is being abused, and of course there is also the psychological element of “getting something for free”.

After a while, administrators can change the name of the Facebook page, but most often they change the focus. There are many examples when certain Facebook pages initially shared humor, satire, entertainment, etc., topics that are interesting to many citizens. But, at a crucial moment, for example, during the disinformation campaign, they change their focus and start sharing fake news or some sort of political propaganda. Furthermore, the Facebook page can also temporarily be deactivated and then reactivated again. People often start following such Facebook pages for fun, and when the pages change their focus, citizens unknowingly start reading fake news and narratives on Facebook.

Although at first glance the impression is that brands and logos of banks are being misused in order to build up audiences and gather likes, nevertheless this increases the mistrust in the institutions. In this particular case, it is an organized attack on the banking system. In times of pandemic and various conspiracy theories, in which banks are mentioned as part of the “elite” that rules the world, and when we have disinformation about the devaluation of the denar, which F2N2 wrote about, such trends must not go unnoticed by the state institutions. In addition to the fact that banks are part of certain conspiracy theories, in this case the citizens end up being manipulated, and some of them may even “get angry with the banks because even though they shared the post, they did not receive the promised reward.” Rebuttals are not enough because the damage has already been done, trust has been undermined.

In the end, although not the least important, such activities are part of the so-called “Social engineering”. In a study published in 2014, in … ”Social and Personality Psychology Compass” Titled “Weapons of Influence Misused: A Social Influence Analysis of Why People Fall Prey to Internet Scams” written by researchers within the Media Knowledge Research Center at the University of Alabama.
Social engineering in an online context, according to this paper, is a way of gaining access to systems and data through the abuse of human psychology, instead of using “traditional” hacking methods. Due to the ease with which information is sent and received online, social engineers using “free or awarded goods and services” have the opportunity to quickly access the data of a number of potential victims who, in addition to possible financial damage (“personal and financial data ”) can also be used to impose certain harmful impacts and misinformation. In the context of the events presented in this analysis, the most important element and question is why Facebook users tend to engage in such scams. One of the authors’ explanations is that “like” is due to the tendency to be likable, similar, and influential. That is, likes are equated with a relevant source of information, something that is one of the tools, even a prerequisite, for social networks users to become victims of such social engineers and their scams.

These activities also have the characteristics of hybrid attacks, mostly due to the techniques they use, as well as the involvement of administrators from third countries. As one can infer from the text, such activities are repeated very often in our country, and the latest trend occurred before the start of the parliamentary elections, which indicates a risk for the elections themselves.

A more organized social action is needed that will involve relevant stakeholders. The state must not ignore this trend in the name of “freedom of speech”, because this is everything except freedom of speech.

 

Growing Trend of Use of Commercial Tools and Actors

On May 10th, 2020, the Financial Times published an article entitled “New Artificial Intelligence Tools Spread False News in Politics and Business.” A brief analysis is worth reading, but what we are emphasizing is the statement of Camilla Francis “Whether for political or commercial purposes, many perpetrators have become wise to the technology that the internet platforms have developed to hunt out and take down their campaigns, and are atсоциијtempting to outsmart it.” She also emphasizes that “забележан е растечки тренд на операции во кои се ангажираат трети страни, како на пример маркетинг групи, за да спроведуваат misleading активности за нечии потреби. This burgeoning “manipulation-for-hire” market makes it harder for investigators to trace who perpetrators are and take action accordingly.”.

In addition to the cases presented in this analysis, F2N2 registered other similar so-called commercial Facebook pages that were part of the disinformation campaign for the 5G technology, which took place on March 27th, the day that North Macedonia became a NATO member. The full analysis published by F2N2 can be found here. One of the “stories” used to misinform the citizens was a statement by NATO Secretary General Stoltenberg, who never said that “Macedonia must have 5G network to join NATO.” An old statement, spun was recycled and shared on Facebook on March 27th. One of the groups on which the statement was shared is the „Купи-Продај“ group.

From the analysis it can be concluded that in North Macedonia in the past period thousands of citizens have been potential victims of social engineering and fraud. Citizens cannot be fully informed about whether someone has dishonest intentions, especially if they can receive some kind of reward in the form of service or good. However, what they can do is be very careful, especially when they come across an interesting offer that includes financial gain or emotional content, to check well who is behind it, and to think carefully before clicking like or sharing. According to everything we can see, we are all on the Internet one click away of becoming victims of various social engineers and fraudsters.

 

Think before you like, check before you share!

logo

FINANCED BY

sponsor

This project was funded in part through a U.S. Embassy grant. The opinions, findings, and conclusions or recommendations expressed herein are those of the implementers/authors and do not necessarily reflect those of the U.S. Government.

PARTNERS

sponsor
© 2024 F2N2.