News

Scammers target Facebook users with 'free' tai chi and social dancing classes

May 20, 2026

Fraudulent Facebook groups advertising ‘free’ local activities have emerged as a growing and increasingly sophisticated type of scam. These scam groups are used to trick people into downloading malware capable of stealing money from their devices.

Community scam pages
1 min read

We have reports of scammers targeting Facebook users with ads for 'free' community classes, including tai chi, walking clubs, and dance classes.  

These scam groups encourage the downloading of apps which contain hidden malicious software that allows scammers to access people’s bank accounts and other personal information.   

Numerous Facebook groups have been created under this pretence, using AI-generated content to look authentic and trick users into downloading the malware.  

In some cases, people joining the groups were also asked to pay a sign-up fee on the same website, leading to phishing and credit card detail theft. 

How to stay safe in Facebook groups 

Although many of the Facebook groups involved in these campaigns have been reported and removed, more are appearing.  

Look out for: 

  • new or suspicious pages with few followers or all posts uploaded at once.
  • AI-generated or odd content, or overseas imagery used in NZ groups.
  • if you are asked to download or install an application after joining the group, don't download and install apps from unknown sources. Navigate to your trusted application store as you normally would, as these have more protections in place to reduce the number of malicious apps. 
  • organisers are vague about locations or schedules or claim you must register through an app before they will share basic details like times and venues.
  • too good to be true promises or ‘free’ classes with no recognised local affiliation to a recognised community centre, council or legitimate health organisation.

What should I do?

Do not download unverified apps. If you believe you’ve been affected by a scam:

  • Contact your bank immediately.
  • Delete or uninstall malware from your device. Uninstalling the malicious app from your device may be sufficient, however in some cases the apps can be well hidden or make uninstalling difficult. In these cases, a factory reset or working with a professional will be the easiest way to ensure the malicious app has been removed.
  • Have your phone or device checked and cleaned by an IT professional.
  • Change your passwords to something long, strong, and unique, especially on your main accounts e.g. your banking login and emails.  
  • Report the content to the social media platform and block the scammers across all devices.
  • You can also contact ID Care for specialist aftercare support.