Hackers have been becoming increasingly creative in their ways of duping unsuspecting investors, and one of their latest endeavors has been the hacking of Twitter. Verified Twitter accounts all over the website were the subject of Bitcoin sweepstakes posts, leading many newcomers to lose funds. However, as companies have strengthened their defenses, these hackers have made their way to a new platform – Facebook.

The Facebook hacks have mostly come in the form of false cryptocurrency advertisements, showing up as sponsored posts with fake cryptocurrency as the subject. However, the goal of the scammers doesn’t appear to be to directly take funds from these advertisements. Instead, they become privy to sensitive user data, including credit card information and private keys to crypto wallets.

According to reports from Hard Fork, one of the big ads appears to look just like a CNBC post, offering an investment opportunity with CashlessPay, a fake crypto asset. This sponsored ad came from the profile of musician Jonatanas Kazlauskas, but Hard Fork has not received a reply to their requests for a comment.

The scam looks a little more obvious on the website, but less experienced investor could still have difficulty discerning this. Though the website is not provided on any of these news website, Hard Fork notes that it is not connected to CNBC, but it claims that Singapore has made changes to their legislation regarding cryptocurrency.

The report says, “Singapore, in an unprecedented move, just announced that they are officially adopting a certain cryptocurrency as Singapore’s official coin. The government of Singapore just informed us that they have chosen a preferred firm for the purchase and marketing of their new coin – CashlessPay Group.” The remainder of the article discusses how the user can “invest” in the crypto asset.

This fake page leads to another fake page, which is the “bogus” website for CashlessPay cryptocurrency. There are no links that actually work on the page, except for a registration form that captures the user’s personal data, including phone number and email address. Entering the form brings the user to another bad page with multiple crypto exchange desks that lead to false investment options.

Based on what Hard Fork has discovered so far, the two pages right now that are doing this are Roiteks and CoinPro Exchange. Both are registered in Bulgaria, and there’s no regulation, which is to be expected. Both pages still require the user to enter personal data and credit card information. There’s even a chat box to get “help” from one of their “representatives.”

Hard Fork points out something interesting about the way that attackers have managed to use Facebook. Facebook has a policy against malicious cryptocurrency ads, but somehow these scams made it through the defense algorithms in place. The company actually went as far as completely banning crypto and blockchain ads earlier this year, but the restrictions were lightened later on. However, it seems that this more passive approach has just left them open to more risks.

Now, the question is – will Facebook quash these issues more effectively and efficiently than Twitter has. So far, Facebook has not responded for comments.