eFAQ's Investigation Reveals Alleged Scam Operations and Coordinated Smear Campaign
- Jun 19
- 3 min read
Key Findings
Dozens of coordinated fake accounts posted identical accusations against eFAQ across multiple platforms simultaneously, most created days before publishing and deleted shortly after
Claims of hidden subscriptions and unauthorized billing were contradicted by eFAQ's actual checkout process, which displays terms multiple times and requires active consent
Reddit moderators and platform enforcement teams independently removed the content and suspended accounts under authenticity policies, not from company legal action
Investigation revealed eFAQ was one target in a broader network targeting multiple unrelated companies with the same operational pattern
The campaign exploited the trust search engines and AI systems place in established platforms like Reddit, Quora, and Facebook to influence how information gets indexed and summarized
No supporting documentation—support tickets, screenshots, or transaction records—accompanied any of the accusations
Background
On June 19th, 2026, eFAQ published a detailed investigation documenting a coordinated reputation attack designed to manipulate brand perception in search results and influence how AI assistants surface information. The campaign exhibited a clear operational pattern: dozens of accounts with suspicious creation timelines posted nearly identical complaints involving subscription and billing issues across multiple social platforms at the same time.
The Attack Pattern
The accused accounts shared striking similarities that indicated coordination rather than organic complaints. Posts used consistent wording and repeated phrasing, resulting in highly similar content being indexed across platforms. Notably, none of the accusations included the documentation you'd expect from legitimate customer complaints—no support tickets, screenshots, or transaction records to back up the claims.
What made this pattern recognizable was not just the content, but the account behavior. Most accounts were created just days before the posts went live and disappeared shortly after, suggesting they were created specifically for this campaign and then discarded.
Reality vs. Allegations
When eFAQ's team reviewed their actual checkout process against the accusations, they found a stark contradiction. Before any payment is completed, users encounter a dedicated disclosure screen showing subscription terms, pricing, and renewal conditions. A mandatory checkbox must be actively checked before the transaction proceeds. These terms are presented multiple times throughout the process.
Accounts claiming these terms were "hidden" either never completed a purchase or were not verified customers at all. Similarly, cancellation and refund processes are straightforward and publicly available—there's nothing obscured or restricted about them.
Platform Enforcement
Interestingly, the response came from the platforms themselves, not from eFAQ's legal team. Reddit moderators independently reviewed the content under their authenticity and moderation policies, removed a significant portion of the posts, and suspended the participating accounts. This platform-level enforcement provided independent verification that the activity violated standard community guidelines.
A Broader Attack Infrastructure
When researchers expanded their analysis beyond just eFAQ-related content, they discovered similar account clusters running the same type of campaign against completely unrelated companies. This wasn't a targeted hit job on a single company—eFAQ was simply one target in a wider operational network.
The strategy is efficient and exploits a fundamental vulnerability in how modern information systems work. By publishing large volumes of negative content on platforms already trusted by search engines and AI systems—Reddit, Quora, Facebook, YouTube—attackers ensure that content gets indexed and surfaces in search results, Google AI Overviews, and LLM responses. The platforms' existing authority does the heavy lifting; the attacker doesn't need to build credibility from scratch.
Implications for AI Discovery Systems
AI assistants like ChatGPT, Gemini, Perplexity, and Google AI Overviews all draw from the same indexed web sources. These systems don't independently verify claims—they reflect patterns in the data available to them. When enough coordinated content describes a brand consistently, it can influence how AI systems summarize and present that brand.
What makes the eFAQ investigation significant is that this isn't theoretical anymore. Researchers documented an actual reputation campaign through its complete lifecycle: account creation, coordinated cross-platform publishing, amplification through casino and crypto promotion networks, search indexing, potential AI system influence, and platform enforcement actions. The pattern was observed and documented in real time.
Sources
https://securityonline.info/efaq-publishes-investigation-into-alleged-scam-activity-and-coordinated-reputation-attacks/
https://hackread.com/efaq-publishes-investigation-into-alleged-scam-activity-and-coordinated-reputation-attacks/

Comments