A recent Reuters investigation revealed that Meta projected $16 billion of its 2024 revenue would come from scam ads. Here's what that means for your Shopify store and your customers.
The Reuters Investigation
In November 2025, Reuters published an investigation based on internal Meta documents that revealed something mind-blowing. Meta projected that approximately 10% of its total 2024 revenue, roughly $16 billion, would come from advertisements for scams and banned goods.
The internal documents detailed how the company generates an estimated $7 billion annually from what they internally classified as "higher risk" scam ads, meaning advertisements that are clearly deceptive. Meta's own data showed users seeing approximately 15 billion of these high-risk scam ads every single day across Facebook and Instagram.
The categories of scam advertising included fraudulent e-commerce schemes, fake investment opportunities, illegal online casinos, and the sale of banned medical products. The Consumer Federation of America has since filed a lawsuit against Meta, alleging the company knowingly profited from fraudulent advertising while undercutting internal efforts to stop it.
Meta has pushed back, calling the 10% figure "a rough and overly-inclusive estimate" and stating that the company "aggressively" addresses scam ads. But the internal documents suggest Meta was concerned that abruptly removing fraudulent advertising could impact its business projections, and that the company had set a specific cap on how much revenue it was willing to forgo to combat suspicious advertisers: just 0.15% of total revenue.
What This Means for E-Commerce Store Owners
Most discussions of e-commerce fraud focus on how customers stumble into scams. They mistype a URL. They click the wrong search result. They follow a suspicious link from an email. The implicit assumption is that scammers wait passively for victims to find them.
The reality is much worse. Scammers are actively buying ads, lots of them, and platforms like Meta are taking the money. Your customers aren't accidentally finding scam versions of your store. They're being served those scam stores in their feeds, between posts from friends and family, while they're scrolling.
This changes the threat landscape significantly. A scammer who clones your store no longer needs to compete with you in organic search results. They don't need to rank for your brand name. They don't need to wait for customers to discover them. They just need to buy ads that put their fraudulent listings in front of people who match your customer profile.
How Ad-Driven Store Scams Work
The mechanics are straightforward and effective. A scammer scrapes your store, copying product images, descriptions, and pricing. They build a clone site, often on a recently registered domain. Then they run targeted ads on Facebook and Instagram, using your stolen product images as the creative.
Meta's targeting algorithms are extraordinarily good at finding the right audience. The same systems that help legitimate brands reach interested customers also help scammers reach yours. The ads appear in users' feeds with your products, your photography, your branding, all pointing to a fraudulent destination.
The ads typically feature aggressive discounts, often 50% to 80% off retail prices. "Outlet" or "Going out of business" sales. "Final inventory clearance." Limited-time offers designed to create urgency and bypass careful consideration. Customers who click are taken to a convincing replica of your store where they enter their payment information and place orders that will never be fulfilled.
Why This Hurts Your Brand
When customers get scammed by an ad featuring your products, they don't blame Meta. They don't blame the scammer. They blame your brand. They saw your products in the ad. They thought they were buying from you. When the order never arrives or arrives as a counterfeit, you become the target of their frustration.
Negative reviews appear on Google and Trustpilot. Angry customers post on social media. Chargebacks come through. Your customer service team fields complaints about products you never sold and orders you never received. The damage to your brand reputation is real, even though you had nothing to do with the transaction.
The financial impact extends beyond reputation damage. Customers who get burned by a scam version of your brand often won't return to legitimate stores in your category. They become wary of online shopping in general, especially in your product space. The trust your industry has worked to build gets eroded with each successful scam.
Why You Can't Rely on the Platforms
If 10% of Meta's revenue genuinely depends on scam advertising, the platform has limited financial incentive to address the problem aggressively. The Reuters investigation noted that Meta capped its anti-scam efforts at forgoing just 0.15% of revenue, a fraction of what scam ads bring in.
Reporting individual scam ads is possible but inefficient. By the time Meta reviews and removes a fraudulent ad, the scammer has typically already made their money and moved on to a new ad campaign with a slightly different domain. The whack-a-mole nature of platform-level enforcement means individual brands can't realistically protect themselves through reporting alone.
Meta's Ad Library, which is supposed to provide transparency into who's running ads, has its own issues. The Reuters reporting alleges that Meta has at times removed fraudulent ads from the searchable database when regulators began investigating, while leaving the ads themselves running. The infrastructure that should help brands and regulators identify scam ads doesn't always work as intended.
What You Can Do
Even though you can't directly control what ads appear on Meta platforms, you can take steps to detect and disrupt ad-driven scams targeting your customers.
Monitor for unauthorized use of your content. The clone sites that scam ads link to are built using your stolen product images and descriptions. Detecting when your content appears on unauthorized domains is the first line of defense, since the clone site has to exist before the ads can run.
Search Meta's Ad Library for your brand. Periodically check the Ad Library at facebook.com/ads/library for ads featuring your brand name or products. While imperfect, this can surface ads using your name or imagery without authorization.
Educate your customers. Make it easy for customers to verify they're on your real store. Clearly display your official domain in email communications and social media bios. Consider adding a notice on your site about the prevalence of scam ads featuring stolen content.
Take takedown actions against detected clones. File abuse reports and DMCA takedowns with the clone site's registrar and host. Report to Google Safe Browsing. If you can identify the payment processor the scam shop uses, report fraud to them as well. Removing the destination disrupts every ad campaign pointing to it.
Report fraudulent ads on Meta. Despite the platform's limitations, reporting individual scam ads creates a record. If Meta receives multiple reports about a particular advertiser or pattern of ads using your content, it increases the likelihood of action.
How StoreLock Helps
The clone sites that fuel scam ads can't operate without stolen content. They need your product images and descriptions to look convincing. By detecting that content theft early, StoreLock helps you identify and respond to scam infrastructure before the ad campaigns reach scale.
StoreLock monitors for unauthorized copies of your store and alerts you when your content appears on suspicious domains. When a clone site copies your store including our protection script, we can automatically redirect visitors back to your legitimate store, meaning customers who click on a scam ad and land on the clone get sent to safety before they can enter payment information.
Image detection. Our image detection capabilities identify when your product photos appear on unauthorized sites, even if other content has been altered. This is particularly valuable for detecting ad-driven scams, where scammers often modify text but rely heavily on stolen product imagery to make their ads convincing. Scrapers can change descriptions and pricing, but they need your actual product photos to make their ads look legitimate.
When we detect your content on suspicious domains, we provide actionable information: where your content appears, where it leads, and the contacts you need for takedown requests. We're also building a database of scam destinations across all our clients, helping identify patterns of systematic fraud and strengthening collective takedown efforts.
The Threat Has Changed
The Reuters investigation made one thing clear: scam advertising is not a fringe problem. It's a core revenue stream for one of the largest advertising platforms in the world, generating billions of dollars and reaching billions of users daily. Your customers are being targeted whether you realize it or not.
The old model of brand protection focused on domain squatting, search engine spam, and obvious lookalike sites. Those threats still exist, but they've been joined by a far more aggressive threat: well-targeted, professionally executed ad campaigns funneling customers to convincing clones of your store.
Protecting your customers and your brand means staying aware of how your content is being used across the internet. The faster you detect content theft, the faster you can disrupt the scams that depend on it.
StoreLock is here to help. Install StoreLock today and get alerts when your store content appears on unauthorized domains. Plans start at $4.99/month.
