From the Better Business Bureau:
Have you received a Facebook message with a video link asking, “Is this you?” If you have, don’t click the link. Delete the message and make sure your firewall and anti-virus software are up-to-date.
There’s a phishing scam making the rounds. If you’re a victim, you receive a message from someone you know and trust, one of your friends and family members. The message expresses they were surprised to have seen you in a video and contains a web address that’s supposed to lead you to it. You’re not in the video. Don’t follow the link.
Phishing (pronounced fishing) is a fraudulent attempt to steal your information. Cybercriminals want your passwords, bank account numbers or other sensitive information, or they want to trick you into downloading malware onto your computer.
The cybercriminal might contact you through email, text message or social media. They act like someone actually fishing, casting out a baited hook again and again until a victim bites. Here’s how a typical phishing attack works:
Phishing attempts frequently imitate large banks, credit card companies, major online sellers, news agencies and common cell phone providers because it works. People assume communication from a nationwide bank chain or credit card company must be secure and important, so they’re more willing to trust.
Why Are the Scammers Using Facebook Messenger?
If regular fishermen just tossed in a hook, they wouldn’t catch much. The trick is to completely hide the hook by offering bait that’s irresistible to the type of fish they’re after. They don’t want the fish to nibble, or to think about whether or not they should bite. They’re hoping the bait looks so attractive their prey swallows it whole.
You only typically hear from people you care about through Messenger, so your guard is already down. When you see the notification you’ve received a message, you experience a tiny dose of positive emotion, expectation and curiosity. You want to know what this person you care about has to say.
Before you even click on the message, that bait has your attention.
The message reads something like, “Hey (your name), what are you doing in this video lol! Search ur name and skip to 1:53 on video. Type in browser with no spaces -> (then they give you a web address).”
The way it’s written makes it sound like they’re surprised to see you doing whatever you’re doing in a video of that type. Your curiosity intensifies, and you may also feel alarm. You wonder what they’re talking about, and you want to protect your reputation. Your concern might cause you to act before you think through the consequences.
How to Protect Yourself
Follow these tips to protect yourself from this and other Facebook scams.
Also be wary of phishing threats from executive impersonators (also called CEO impersonators or Whaling) in the workplace.
What If You’ve Already Been Scammed?
If you receive the message from a friend, let them know their account has possibly been compromised and just don’t try to access the video. If you ignore it, your account remains secure.
If you’ve already taken the bait, report the scammers to Facebook and let your friends and family know what happened to you. Then, change your login credentials. If you use the same username and password on other accounts, change those too. Also, use antivirus software to check and see if your computer has been infected with malware.
If you spot an illegal scheme or fraud, help us warn others by reporting it on the BBB Scam Tracker today.
To learn how to protect yourself from a variety of scams, go to “10 Steps to Avoid Scams”.