Phishing attacks are one of the most common scams on Facebook. The goal of these scams is to obtain your Facebook user name and password. If successful, the scammers can totally take over your Facebook account and use it to spread more spam and scams to your friends. They can also mine everyone in your network for data they can later use for identity theft or other socially engineered attacks. Some of the scams shown below also try to obtain credit card information. To be on the safe side, never follow links from emails or Facebook messages!
Here are some examples of popular phishing schemes on Facebook:
- Facebook Lottery – You’re likely to receive an email stating you’ve won a sum of money. These can also be advanced fee scams.
- Confirm or Recover Your Account – Any messages asking you to confirm your account should be viewed with extreme suspicion. If you receive an email like this, don’t follow any links. A better option is to log in to Facebook directly.
- Violated a Policy – Hacked accounts often send messages posing as ‘Facebook Security.’ If you encounter one of these scams, you’ll notice that Facebook Security will be spelled with non-traditional characters. This is done to bypass Facebook’s filters. Click here for more information on this popular scam.
- Photos & Videos – The scammers attempt to capitalize on our curious nature. You will receive a message from a compromised friend’s account asking you to look at this photo or video. A popular theme is to say the picture is embarrassing or they can’t believe you did that, etc. Other variants of this scam contain files laden with malware.
Most all of these scams direct you to external links to pages designed to look like Facebook. Before logging in to any site, always verify that you are indeed on the main site. Careless and unsuspecting users are often fooled by these tricks.
Below is one example of the photo phishing scheme mentioned above.
“do you notice that they were rrecording u lol this is unpleasant lol !!”
Other Alternate Messages:
Is this you in this video on facebook, what are you doing LOL? Search on this website for your name
HAHAHAHAHA i can not believe whaat you did in thisss videeo it’s sooo stupid its all over facebook! Coooopy and Paaaste the url below into your web browserr to seeeee , its craazy! Removeee thee Spaces —>
OMG have u seen ur video on here. u should check this out!
Clicking on the link in the scam post will at first direct the user to a Facebook application and then ultimately to a phishing URL:
Scams like this are very common on the Facebook platform. Humans are curious by nature, and the scammers often use this and other emotions to their advantage. Also consider that these messages or updates may come from a friend’s hacked account. Don’t assume any links or messages are legitimate just because they came from a friend. In fact, if you receive them via Facebook chat / message, then there is a good chance that your friend’s account has been compromised. Double check your friends list and remove or block any name that looks suspicious (awkward and non-traditional spellings of Facebook Security, Account Confirmation, etc.)
Never enter your login information when a web page redirects you without first double checking to make sure you are on the legitimate site. A better option is to bookmark Facebook, and only log in from there.
We also recommend enabling Login Approvals as an extra layer of security for your Facebook account. This is two-factor authentication, so even if your password is compromised the hacker will still need a code to complete the login.
If you ever fall for a phishing scam, then try to reclaim your account as quickly as possible. Check out the following article for additional steps you should take:
Be sure to let your Facebook friends know that your account has been compromised and not to click on any links that are sent from you.
If you or your Facebook friends are falling for tricks like this, it’s time to get yourself informed of the latest threats. Be sure to join the Facecrooks page on Facebook to be kept informed of the latest security issues. Also check out:
Choose what the experts use: award-winning cybersecurity you can trust and rely on.
Surf the web truly incognito. Try Bitdefender Premium VPN, the ultra-fast VPN that keeps your online identity and activities safe from hackers, ISPs and snoops.