If you’re sent a DM on Facebook Messenger asking “is it you in this video” then you need to be on red alert as it’s all part of an elaborate scam that has resurfaced recently. As highlighted by security firm Sophos, this latest Facebook scam is designed to steal a target’s username and password, which can then be used to spread the con even further. The scam begins simply enough when a Facebook user receives a DM (Direct Message) from one of their friends.
The private message on Facebook Messenger asks “is it you in this video” and provides what looks like an embedded video you can click play on.
If this had been sent by anyone else the Facebook user might not fall for the scam, but seeing as the sender is a friend it may trick someone into playing the video.
However, as Sophos explained – the sender has already had their account taken over by hackers, and this latest DM is all part of the cycle which continues spreading the scam.
If a Facebook user attempts to click play on the ‘video’ they will instead be redirected to a new web page that looks like a Facebook login screen.
The giveaway that this is a con, however, is the URL for the page – which, rather than being an official Facebook address, is clearly a bogus one hosted in Hungary.
Another sign this website is fake is that the webpage uses HTTP instead of HTTPS, with the latter protocol being used by major websites to keep visitors safe.
Seeing as this fake website uses HTTP, the locked padlock icon you would see in the address bar when visiting legitimate websites is not displayed, a further sign that the website the Facebook DM has directed people to is bogus and dangerous.
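The two giveaways described above (a non-Facebook hostname and a plain-HTTP page with no padlock) can be checked mechanically before anyone types a password. The following is an added example, not code from Sophos or from the original article: a small link checker that parses a URL, flags a missing HTTPS scheme, and accepts only facebook.com or one of its subdomains as the host. It also catches two common lookalike tricks that a quick glance misses: a hostname that merely *starts* with facebook.com (the registrable domain is whatever comes after) and a `user@host` prefix that puts the real host after the `@`. All sample links are constructed for the demonstration.

```python
from urllib.parse import urlsplit

# Assumption for this example: a genuine login page lives on facebook.com itself
# or on a subdomain of it (www.facebook.com, m.facebook.com, ...).
TRUSTED_DOMAIN = "facebook.com"


def host_is_trusted(hostname: str) -> bool:
    """True only if hostname is facebook.com or ends with '.facebook.com'.

    'facebook.com.login-verify.example' is NOT trusted: its registrable
    domain is login-verify.example, the facebook.com part is just a label.
    """
    hostname = hostname.lower().rstrip(".")
    return hostname == TRUSTED_DOMAIN or hostname.endswith("." + TRUSTED_DOMAIN)


def check_login_link(url: str) -> list:
    """Return a list of warning strings; an empty list means no red flags."""
    warnings = []
    parts = urlsplit(url)
    hostname = parts.hostname or ""

    # Giveaway 1: no HTTPS means no padlock in the address bar.
    if parts.scheme != "https":
        warnings.append(f"not HTTPS (scheme is {parts.scheme or 'missing'!r}); no padlock")

    # Lookalike trick: 'https://www.facebook.com@evil.example/' - the text
    # before '@' is userinfo, and the browser connects to evil.example.
    if parts.username is not None:
        warnings.append(f"URL carries a user@ prefix; the real host is {hostname!r}")

    # Giveaway 2: the host is not Facebook at all.
    if not host_is_trusted(hostname):
        warnings.append(f"host {hostname!r} is not {TRUSTED_DOMAIN}")

    return warnings


if __name__ == "__main__":
    # Constructed sample links, not real scam URLs.
    samples = [
        "https://www.facebook.com/login/",
        "http://facebook.com.login-verify.example/",
        "https://www.facebook.com@evil.example/login",
        "http://m.facebook.com/",
    ]
    for link in samples:
        flags = check_login_link(link)
        verdict = "OK" if not flags else "SUSPICIOUS: " + "; ".join(flags)
        print(f"{link}\n    {verdict}")
```

The hostname check deliberately uses the parsed `hostname` rather than searching the raw string for "facebook.com", which is exactly what the subdomain and `user@` tricks exploit. A real Facebook login page would pass every check here; the page described in the article would fail two of them.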
If these warning signs aren’t spotted and a Facebook user enters their login details, this sensitive information will be handed straight to cyber crooks.
This will not only give scammers access to a target’s Facebook account, but also let them continue spreading the scam by sending the same message to any contacts of the hijacked FB profile.
Sophos went on to say that there is another aspect of the scam. Once a Facebook username and password has been entered into the fake login page, there will be a short delay before a victim is redirected to another scam.
These scams don’t appear to be run by the same group of criminals, so they may be trying to pick up affiliate fees for sending victims to other cons.
Or, it might be a way for crooks to simply buy time so they can quickly access a victim’s account before they realise they’ve been conned and attempt to change their password.
Advising people on how to stay safe, Sophos said anti-virus and password manager tools can be helpful. They also advised that you should turn on two-factor authentication when this option is available.
Sophos said: “Use 2FA on any account you can. Adding a second factor of authentication means that the crooks can’t phish your password alone and then access your account. 2FA is a minor inconvenience to you, but a major roadblock for cybercriminals.”
Sophos also advised that if you think a friend has been hacked, maybe after receiving a suspicious message, then contact them as soon as possible via another method of communication.
And if you are alerted by a friend that your account has been compromised don’t delay in trying to secure your account by changing your password.
Just make sure you head to an official website to change your login details, instead of clicking on any links that you’re sent from a contact.
Published at Wed, 23 Dec 2020 07:25:00 +0000