Consumer rights organisation Which? has urged regulator OfCom to investigate allegations that Facebook has failed to deal with scammers hacking people's accounts and using them to sell fake tickets to in-demand concerts, including Taylor Swift's upcoming UK shows.
Which? was responding to a new BBC report about the ticket fraud scam, in which a number of people whose Facebook accounts have been hacked recounted the challenges they faced when reporting hacks to the social media company. Those challenges meant that fraudulent messages - that appeared to have been posted by the hacked Facebook users, offering Taylor Swift tickets for sale - stayed online for longer, resulting in more people falling for the scam.
“If Facebook does not respond to reports of accounts being hijacked by scammers, this is completely unacceptable”, a Which? spokesperson said. “This is exactly the type of failing that OfCom should be prepared to take strong action against using the Online Safety Act, including potentially issuing fines. The regulator must also hold platforms to a high standard to prevent these scams from happening in the first place”.
The UK Online Safety Act was passed last year and introduces new obligations for online platforms regarding harmful content. The new rules are being phased in over 2024, with the current focus being measures to protect children online. As part of that, earlier today OfCom published a draft Children’s Safety Codes Of Practice.
However, there are plenty of other new obligations in the act, especially for the biggest online platforms. That includes dealing with fraudulent advertising. The act says that platforms must have measures in place to prevent individuals from encountering fraudulent advertisements, to minimise the length of time for which content of that kind is present, and to take down such ads when made aware of them. OfCom will work on implementing that part of the act later this year.
In the BBC report, one Facebook user, Kerry Plant, tells how two of her friends lost more than £300 each after being duped by a fake Taylor Swift ticket ad posted in her name.
She says that she followed Facebook's guidance on how to report the hack, sent fifteen emails, tried contacting Facebook and its owner Meta via other social platforms, and even sent an email to Meta boss Mark Zuckerberg. She got no response. The social media firm finally acted when contacted by the BBC.
Plant says, “It’s upset me quite a bit that I've not been able to stop this happening, and that Facebook hadn't responded to me, despite quite a lot of effort”. Had Facebook responded quicker, she adds, they could have prevented more people being scammed out of money.
Responding to the BBC report, Facebook says, “We are continually investing in protections against fraud on our platforms and work closely with law enforcement to tackle this issue. We take the safety and security of our community seriously. We encourage everyone to create a strong password, enable two factor authentication and to be suspicious of emails or messages asking for personal details. We also have a feature called Security Checkup to help people keep their Instagram and Facebook accounts secure”.