Facebook market place

[Mr Vlad]

After reading a post that there's an is350 for sale on Facebook market place I thought I'd have a look. 

I'm not on Facebook so I had to make an ID up to view.

What boggled my mind was How the Hell are is300h's on there for between £3&4k?

These cars must be missing a 1 in front of them. 64 plate and newer I saw and was gobsmacked. 

As Rasta Mouse says 'whagwahn' what's going on. I can only assume that Facebook have missed a 1 in front of the prices or they're all a con and spam of sorts.

What do you regular Facebook uses say?

[Lmafudd]

From the warnings I read in various papers and other media sources, it would appear that they take your deposit and run! 

It's the wild west out there!

I've always found that if it sounds to good to be true then it probably is. 

[Mossypossy]

One quick initial contact usually sniffs out the scammers. There are some genuine ones. I bought my car off there.

[Steve]

scammers are everywhere on FB.. totally stop buying from there unless its local

[GMB]

I remember when facebook ( or whatever it was called years ago ) was launched. The computer security company that I worked for issued a staff notice threatening instant dismissal if anyone subscribed to it!  Never gone near facebook or the other social media rubbish since then.  Turned out to be good advice.

[H3XME]

2 hours ago, Mr Vlad said:

After reading a post that there's an is350 for sale on Facebook market place I thought I'd have a look. 

I'm not on Facebook so I had to make an ID up to view.

What boggled my mind was How the Hell are is300h's on there for between £3&4k?

These cars must be missing a 1 in front of them. 64 plate and newer I saw and was gobsmacked. 

As Rasta Mouse says 'whagwahn' what's going on. I can only assume that Facebook have missed a 1 in front of the prices or they're all a con and spam of sorts.

What do you regular Facebook uses say?

There was a huge influx in scammers on Facebook in the past few months Vlad. Everything that looks too cheap is a scam. Funny thing is, most of the cars, regardless of age, value etc are all around 4k 🤣 You can filter through easily enough. 

Facebook marketplace is a very handy place for everything under £10k tbh. Higher value cars are better off on AutoTrader or even eBay classified listings, but you have to pay for those. Makes sense why you'd put a £800 sh1tter on facebook since you don't have to pay £20+ for listing it. I've sold most of my cars on Facebook but that's because they were all low value.

[MrTrendizzle]

I grew up in an age where we're told NOT to use our real names online for safety and such. Now if you don't use your real name you get banned from Facebook.  

As for sellers on FB so long as you avoid the 3 B's then you're normally fine. Obviously don't send money to someone you don't know and you're golden. Who needs a deposit if i've agreed to pick the car up within the next 2 hours.

[Boomer54]

They are also very lazy. If you go into the description you will find they have copy and pasted it. After just a little effort you will recognise their 'script' immediately just from that.

[H3XME]

47 minutes ago, MrTrendizzle said:

As for sellers on FB so long as you avoid the 3 B's then you're normally fine. Obviously don't send money to someone you don't know and you're golden. Who needs a deposit if i've agreed to pick the car up within the next 2 hours.

100% it's fool proof if you don't send money to people. Never asked anyone for a deposit nor will i ever send someone deposit (unless it's a legitimate garage ofc)

[Bob King]

Warning from one of the banks over Facebook scams….

https://www.santander.co.uk/about-santander/media-centre/press-releases/facebook-fraudsters-driving-off-with-thousands-as-car

[Mr Vlad]

Absolutely there's a load of scams on Facebook. I've personally reported 12 so far in just 2 days. How do I know they're scams? Because my Internet security tells me and I pass that info to Facebook. They've responded to each report I've made with thanks. 

What they'll do about those posts I've reported we'll have to wait and see. 

[H3XME]

8 minutes ago, Mr Vlad said:

Absolutely there's a load of scams on Facebook. I've personally reported 12 so far in just 2 days. How do I know they're scams? Because my Internet security tells me and I pass that info to Facebook. They've responded to each report I've made with thanks. 

What they'll do about those posts I've reported we'll have to wait and see. 

Absolutely f*ck all. I reported a bunch before because it pi*sed me off and nothing happened. The best you can do is "Hide" those listings or Block the profiles listing them.

[Bob King]

9 minutes ago, H3XME said:

Absolutely f*ck all. I reported a bunch before because it pi*sed me off and nothing happened. The best you can do is "Hide" those listings or Block the profiles listing them.

Absolutely sweet FA ! ….I’ve reported a car scam advert yet it keep appearing under different user names !

[Boomer54]

The problem is they likely have algorithm driven criteria for assessing ads. The things that alert us mean nothing to those algorithms. For example, you have the same SC 430 ad posted in about 4 or 5 different locations within the UK. Same price, same reg etc. However, when you report it they come back and report they are not going to cancel the ad as it does not breach their criteria. In that case all you can do is block the profile ( which means little as the scammers obviously have has many different profiles as they want), and of course hide the ad., but it will keep popping up under it's many aliases. Facebook probably will not get serious about scammers until someone decides  that by law they are liable for any fraudulent losses incurred via their platform. Nothing motivates like seeing your bottomline diminishing.

[Malc1]

Who owns Facebook now ? 
Malc 

[Boomer54]

1 hour ago, Malc1 said:

Who owns Facebook now ? 
Malc 

Yer collective masses owns it. Even me by proxy. irony does not escape me.

[Linas.P]

On thing that I found most disturbing, this is talking about IS300h in particular... I was looking around and also found hundreds of them for £5,000 (not 3,000 or 4,000, but still clearly too good to be true) and I started reporting all of them. Because I thought - well everyone complains, but nobody does anything about it and then it is "facebook fault"? So every time as I look for the cars, I would go and report dozen of them as scams. After few weeks I started getting notifications from facebook about reports I made and every single one was along the lines "we checked you report and we did not find anything suspicious about it, but thanks for reporting". NO... indeed nothing suspicious when same car is listed 3 times, in London, in Birmingham and somewhere else and the prices is probably half of what it normally costs... nahh that is alright.

In short - if car is more than £1000 below market price on facebook it is 99% scam. I don't know why in particular IS300h are so popular, but there are literally hundreds of them listed for absurd prices.

On 3/1/2024 at 9:01 AM, GMB said:

I remember when facebook ( or whatever it was called years ago ) was launched. The computer security company that I worked for issued a staff notice threatening instant dismissal if anyone subscribed to it!  Never gone near facebook or the other social media rubbish since then.  Turned out to be good advice.

I would quite such company next day - it is none of their business what you do during your free time. I would assume it was tiktok that they were worried about, because it is literally Chinese spyware, but still - you are employed by them, but not their property, so it is not for them to decide.

I guess context may be missing - not to install it on company provided devices, or any devices that has access to company network - fine... but not to register and not to use it on your own device during your own time? Who are they to tell it? Also this would 100% go as unfair dismissal if they tried to fire you for this.

[Mr Vlad]

What Gray said above Linas may have been put clearly. Personally I read it as if anyone downloaded it on any works computer. That is a company practice,  and especially a security company, a standard practice. 

I know of someone who many years previously downloaded porn on his computer, which was in a private limited access room, and that many years later got sacked for it.

It's quite difficult for me personally to find a genuine sale on Facebook market place. I don't mind that.

Apart from the sale of cars I was gobsmacked to see how many scams are on the dating sections. Geez it's like 99.999% scam from what I've seen.

[Malc1]

Personally speaking ……. My 100% owned online travel business genuinely promotes / advertises itself on Facebook from time to time and has some limited air travel ticket sales success …… from very satisfied online customers 

Not all Facebook advertising is fraud …….. 

We do of course advertise / promote with other social media too 👍

Malc 

[Linas.P]

1 hour ago, Mr Vlad said:

What Gray said above Linas may have been put clearly. Personally I read it as if anyone downloaded it on any works computer. That is a company practice,  and especially a security company, a standard practice. 

I know of someone who many years previously downloaded porn on his computer, which was in a private limited access room, and that many years later got sacked for it.

It's quite difficult for me personally to find a genuine sale on Facebook market place. I don't mind that.

Apart from the sale of cars I was gobsmacked to see how many scams are on the dating sections. Geez it's like 99.999% scam from what I've seen.

yeah, but in other hand I have seen businesses that are like that, who are kind of pervasive when it comes to personal life.

I would say... if it is really IT security company, then I assume they would have restrictions on their devices... and by policy I mean - you would not be able to even access prohibited sites, nevermind downloading something or installing something yourself. So if they need to ask employees not to do it on company devices then this is big issue, if they ask employees not to do it on their personal devices... it is also an issue, just different one. 

I myself also have taken offense to some of the training material (I work in highly regulated sector), because it implied that "I am representing company outside of my work" and I always been very clear, as soon as I finish work I live my private life and I will do whatever I pleased. Also employment tribunal agrees with this view, so any disciplinary action or dismissal outside of work would count as unfair. 

I have bought several things on facebook and have no issues with it, but I have noticed and I agree that facebook is full of scams, everything that is too goo to be true is not just bargain or good deal, but almost always a scam. Also it seems facebook doesn't take it seriously like other sites (eBay, gumtree), so I am always extra careful when shopping there. But I have seen actually good deals on wheels, some car parts, furniture etc. PC parts seems to be 50% scams, car adverts seems to be like 70% scam, but there are certainly some genuine ones, just don't expect to buy a car that is worth £9,000 for £3,000.

[GMB]

27 minutes ago, Linas.P said:

yeah, but in other hand I have seen businesses that are like that, who are kind of pervasive when it comes to personal life

The company I worked for had a 24/7 contract. On call any time of day or night. A worldwide private VPN for all our network traffic use and full monitoring of all their/our remote devices. We were 100% logged in to the servers at all times or nothing worked.  If we did not accept those terms ( and their decent salary ) then we were free to leave anytime. Maybe today this could be seen as intrusive but we accepted that basically it was good practice and very safe. We had a " demilitarised" network zone available to outsiders and all the servers were virtual machines that had no physical presence and no way to get at the base systems from outside.. It may help to know that the servers were based in Tel Aviv and were under attack most of the time, so go figure why the security was so absolute. We all learned a lot from these practices.😇. I just wish our banks were half as good as this lot.👮‍♂️

 

[Dells]

I normally only buy off market place if it’s local and I can collect and pay but I see a steel hole punch set on there for £6 normally £70 ish and I must admit I thought it was a scam but as I was after one because I needed it to cut a hole in a clock mainspring ( I restore antique clocks ) I thought it was probably a scam but thought worth risking £6 , well to my amazement it turned up looked new so although most to cheap to be true things are scams it just goes to show not all but the problem comes trying to to sort the wheat from the chaff.

Dell

[dutchie01]

On 3/2/2024 at 6:37 PM, GMB said:

The company I worked for had a 24/7 contract. On call any time of day or night. A worldwide private VPN for all our network traffic use and full monitoring of all their/our remote devices. We were 100% logged in to the servers at all times or nothing worked.  If we did not accept those terms ( and their decent salary ) then we were free to leave anytime. Maybe today this could be seen as intrusive but we accepted that basically it was good practice and very safe. We had a " demilitarised" network zone available to outsiders and all the servers were virtual machines that had no physical presence and no way to get at the base systems from outside.. It may help to know that the servers were based in Tel Aviv and were under attack most of the time, so go figure why the security was so absolute. We all learned a lot from these practices.😇. I just wish our banks were half as good as this lot.👮‍♂️

 

Banks do have a pretty strong IT defense they literally spend billions in keeping safe. Its in their DNA. Companies however... Our company got hacked last year, ransom ware all systems down. After this was solved it was shocking how naive we have been the door was wide open. IT Has now become a fixed part of our plans and we allocate large sums towards it. 

[GMB]

13 hours ago, dutchie01 said:

Banks do have a pretty strong IT defense

Yes they do have a strong defence nowadays, very true and absolutely necessary. I have a couple of funny, or not so funny stories - in brief: I went to a very large bank HQ for an appointment with their head of IT. I walked in the building and the security guard was busy with someone else so I passed by someone coming out who held the door open for me! I walked up to the server room where his office was. He was not in his office. He was in the bullet-proof air-conditioned glass square construction that held the main servers. I tapped on the glass and someone let me in. I stood next to the IT chief until he spotted me. You should have seen his face. He could not believe how anyone could get in.  I know it was cheeky of me but I could not resist the experiment. Crazy times!

Second true story: Big manufacturing company had a ransomware attack and rightly refused to pay. Worst case scenario is lose a full day's transactions ( which had an audit trail on a separate network isolated server system anyway ) and back up from a "Ghost" image and re-instate all the data from the daily back-up. The daily back-up was a series of physical tapes which were recorded and saved in rotation every night starting at 6pm. This boring repetitive task was given to a junior member of the IT team. They were very disappointed when the non-existant back-up was found on an empty tape. It had never backed up and was never tested. He just did not understand why he got an error message and thought it was just an information pop-up.

Thankfully we have better ways of doing things now.🤭.  

[Linas.P]

Banks indeed have strong IT security nowadays, problem as always is weak link between chair and the system. It is always human error and humans are not smart sometimes... most of the time really...

I remember we designed our latest internet banking security and to this day it was never breached (8 years and counting), but we still had few frauds where it looked like client himself paid the money out, but in one case it turned out that they have allowed their kids to have access to to their phone (basically multiple fingerprints allowed and kids had their fingerprints registered), so they basically just transferred the money to their accounts. Other time I remember system alert triggered on suspected fraud and when we called back the client to ask if they intending to transfer £100,000 to ... it was some African country... they told us "no, but there is lovely chap on the phone who is fixing my macbook". Turns out they gave them log-in details and approved notifications to the phone for log-in, notifications about adding new beneficiaries etc. Obviously, there are multiple layers of security, hence these usually get caught in 2nd or 3rd layer of security, but you can always work around security by exploiting social engineering.

The first one was the only one we didn't caught, but it wasn't really anything that we could do about it, client breached the rules, allowed unsecured access to their account and I believe fraud team even rejected their claim. The second one was the only genuine attempted of fraud which reached processing, but was caught by system rules etc. 

The other problem is what I call "friction in the system design/user interface". The typical anecdotal example - when you make password conditions too difficult to remember, then users will write their password on post-it and stick them to the screen! But it is literally true and has happened in practice. So good security should be relatively simple to use from user perspective to be effective... companies nowadays goes way overboard with security measures and promotes such behaviour. For example recent ruzzian intercept of German military call is exactly such example - the German secure communication channel was way to difficult to access (don't know the details, but turns our process takes like 15 minutes to authenticate with way too many steps) for the user under time pressure they just accessed the call via public link... and that was enough! It was legitimate webex link, the only difference it was outside secure environment and that was it! Should he be sacked for that - yes 100% (he wasn't), but also it highlights that their protocols for accessing secure communication are not fit for purpose.