How is the Facebook laptop scam being distributed?

The scam is being distributed via a fake Setec Facebook page promoting 'damaged packaging' laptops at the symbolic price of 123 MKD. The post likely appears in users' feeds as sponsored content, then gets amplified via likes or shares from people who fall for the scam. Fake user accounts post supposed 'success stories' with images of HP laptops they claim to have received.

What happens when someone clicks on the scam Facebook post?

When victims click on the link in the Facebook post, they are taken to a page on miracledat.com (which has no connection to Setec). The site presents a fake 'lottery' claiming the visitor was selected to win an HP 15 laptop and creates urgency through a countdown timer. After answering simple qualifying questions, victims are presented with a rigged gift box game where they always 'win' regardless of their choices.

What personal information is stolen in this Facebook laptop scam?

The scam collects victims' names, addresses, phone numbers, credit card numbers, expiration dates, and CVV security codes. Victims are asked to enter their personal details and then redirected to a payment page requesting credit card details for a 'small shipping fee' of 145 MKD.

How do the scammers use the stolen data?

The card data will be used to charge victims' cards or 'pay for services' on other websites where criminals have set up businesses used to launder money from stolen cards. The personal data will be used to target victims with other scams, phishing attempts, or phone calls to try other theft techniques. Finally, all this data can and will be sold for profit to other criminals.

What technical methods do the scammers use to avoid detection?

The scammers use a redirect technique through multiple websites to avoid being shut down. After submitting personal data, the browser is redirected through two websites before reaching the payment page. This technique allows scammers to quickly change payment sites if one gets blocked, while keeping the intermediate sites (which appear non-malicious) operational.

What are the red flags that indicate this is a scam?

Red flags include: Price too good to be true (HP laptops for 123 MKD, around $2); Urgency tactics (countdown timers, 'limited quantities' warnings); Artificial social proof (fake testimonials with stock profile photos); Domain inconsistency (using miracledat.com instead of setec.com.mk); Recently registered domains (created within the past year); Grammatical errors; Theatrical interface (rigged gift box selection game); and Guaranteed winning (everyone wins the prize, which is not how legitimate promotions work).

How can you identify the fake user accounts associated with this scam?

The fake accounts have completely illogical names for users from Macedonia, like 'Claire Morel', 'Amélie Dupont', and 'Bogdan Tomoiaga'. These names are not typical for Macedonian native speakers, yet their comments are in Macedonian. These AI bot-generated profiles are recycled for multiple ongoing scams in different languages - the profiles remain the same, but post in different languages depending on the target audience.

How can you verify that miracledat.com is not a legitimate Setec website?

The domain miracledat.com has nothing to do with Setec and was registered on January 14, 2025 - making it only about 3 months old. A company like Setec that has existed for over 20 years would not use a 3-month-old site for a giveaway. The legitimate Setec website is setec.com.mk.

Scam/Phishing

"HP Laptop for 123 MKD" scam campaign stealing Personal and Card data

Q: What is the Facebook scam targeting Macedonian users?

An active scam campaign on Facebook is targeting Macedonian users with an offer of 2-year-old HP laptops for only 123 MKD (approximately $2 USD). The scammers are impersonating Setec, a legitimate Macedonian technology retailer, to trick victims into providing personal data and credit card information through a fake promotion claiming to sell 'damaged packaging' laptops at a symbolic price.

published: April 24, 2025

Take action: First - never trust content on Social Media. Also, if it's too good to be true, it's ALWAYS a scam. If you think there is some merit to the message, verify directly through official company websites - never through links or numbers in the promotion you got served.

Learn More

An active scam campaign is active on Facebook targeting Macedonian users with an offer of 2 year old HP laptops for only 123 MKD (approximately $2 USD).

The scam starts via Facebook, where attackers are impersonating Setec, a legitimate Macedonian technology retailer, to trick victims into providing personal data and credit card information. The scam is being distributed as a fake Setec Facebook page is promoting "damaged packaging" laptops at the symbolic price of 123 MKD.

The post likely appears in users' feeds as sponsored content, then gets amplified via likes or shares from people who fall for the scam.
Fake user accounts post supposed "success stories" with images of HP laptops they claim to have received. You will note completely illogical names for users from Macedonia, like "Claire Morel", "Amélie Dupont", "Bogdan Tomoiaga" and more. All these names are not of Macedonian native speakers, yet their comments are in Macedonian.
- The AI bots that generated the comments are recycled for multiple ongoing scams on different languages. The profiles are the same, they jyst post in different languages.

If a victim clicks on the the linke in the Facebook Page, they are taken to Victims click on Facebook posts leading to a page on a site miracledat.com. Obviously, that site has nothing to do with Setec, and even more - the domain is registered on January 14, 2025 - only 99 days old. A company that exists for over 20 years won't be using a 3 months old site for a giveaway.

The site presents a fake "lottery" claiming the visitor was selected to win an HP 15 laptop and implies urgency through a countdown timer (common manipulation tactic)

The victims answer simple qualifying questions to indicate some sort of effort towards getting the laptop and a "filtering". In reality, the user can click on whatever they want, the result is always a success.

Then they're presented with an online game gift boxes to click, creating the illusion of a game. Reading through the source code, we found comments in Russian that describe that the "winning" box is always the third one. No matter which boxes are chosen, the victim always "wins" the laptop.

// Gift box
let emptyBoxClicked = false; // флаг для отслеживания клика по пустой коробке
let twoEmptyBoxClicked = false; // флаг для отслеживания клика по второй пустой коробке
let modalShown = false; // флаг для отслеживания появления модального окна
   // если кликнули на закрытую коробку и нет других открытых коробок с призом
   // если кликнули на другую закрытую коробку, когда уже открыта пустая коробка, но модальное окно еще не появилось
   // если кликнули на закрытую коробку и нет других открытых коробок с призом
   // если кликнули на другую закрытую коробку, когда уже открыта пустая коробка, но модальное окно еще не появилось
   // если кликнули на другую закрытую коробку, когда уже открыта пустая коробка и модальное окно появилось
       $("#fullscreen_prize_visib").fadeIn(1000); //открытие картинки с продуктом на весь экран, после коробочек
       $(".picture_after_boxes").addClass("active"); //анимация прокручивания для картинки с продуктом
         $("#fullscreen_prize_visib").fadeOut(100); //скрыть показ картинки с продуктом перед модальным окном
         $("#visib_modal_third").fadeIn(1000); //открытие последнего модального окна с призом
//modal  window

Translated to English:

// Gift box
let emptyBoxClicked = false; // flag to track click on empty box
let twoEmptyBoxClicked = false; // flag to track click on second empty box
let modalShown = false; // flag to track modal window appearance
   // if clicked on closed box and no other prize boxes are open
   // if clicked on another closed box when an empty box is already open, but modal window hasn't appeared yet
   // if clicked on closed box and no other prize boxes are open
   // if clicked on another closed box when an empty box is already open, but modal window hasn't appeared yet
   // if clicked on another closed box when an empty box is already open and modal window has appeared
       $("#fullscreen_prize_visib").fadeIn(1000); //opening full screen product image after boxes
       $(".picture_after_boxes").addClass("active"); //scrolling animation for product image
         $("#fullscreen_prize_visib").fadeOut(100); //hide product image display before modal window
         $("#visib_modal_third").fadeIn(1000); //opening the final modal window with prize
//modal window

The victim is then requested to enter their name, surname, phone and address. After pressing 'submit' the browser is redirected through two web sites

the first one just saves the submitted data by the victim
the second one is again given the submitted data but it returns an address of a third site
on the third website a payment page appears requesting credit card details for a "small shipping fee" of 145 MKD

This redirect technique is used to avoid stopping the scam if the fake credit processing page is shut down. The second website can be configured to return a different address for the payment site, and the second website is not malicious by itself to be immediately blocked.

After entering card details, the payment site tries to charge money immediately.

Stolen data includes

Name, Address, Phone number
Credit card numbers
Expiration dates
CVV security codes

The card data will be used to charge your card, or "pay for services" on other websites where criminals have set up businesses used to launder the money from stolen cards. The personal data will be used to target the victim with other scams, phising or phonecalls to try other theft techniques. Finally, all this data can and will be sold for profit to other criminals.

Red flags

Price too good to be true: HP laptops for 123 MKD (around $2) is absurdly low
Urgency tactics: Countdown timers, "limited quantities" warnings
Artificial social proof: Fake testimonials with stock profile photos
Domain inconsistency: Using miracledat.com instead of setec.com.mk (the legitimate company domain)
Recently registered domains: Both domains were created within the past year
Grammatical errors: While written in Macedonian, the text shows inconsistencies typical of scam operations
Theatrical interface: The gift box selection game is designed to create false engagement
Guaranteed winning: Everyone wins the prize, which is not how legitimate promotions work

"HP Laptop for 123 MKD" scam campaign stealing Personal and Card data

Read More
Criminals use TikTok videos to promise pirated apps, …
Expired cloud storage scam using Google Cloud Storage …
Complex phishing campaign impersonating Macedonian Post, stealing personal …
Online marketplace fake overpayment (payment hold) scam
Cryptocurrency theft through a program that victims need …