If you see this link, which is making the rounds on many social media pages right now, DO NOT CLICK IT! It is yet another phishing scam.

If you clicked it AND clicked the welcome box so you could read the article, you need to immediately change your Facebook password as well as any passwords saved on whichever device you used at the time.

The way phishing typically works is a victim receives a message that appears to have been sent by a someone they know or a well-known organization. An attachment or links in the message are used by cybercriminals to install malware on the victim’s computer, smart-phone or other device.

In some phishing scams, victims are directed to click what they believe to be a news story of broad interest, that will re-direct them to a malicious website the criminals set up to trick them into divulging personal and financial information, such as account IDs, passwords, or credit card information.

Using a sensational title or a post of broad interest to a variety of people make it very easy to trick the victim into clicking the malicious link. Although some phishing emails and Facebook shares are poorly written and easy to spot as fake, advanced cyber criminals use the same methods as professional marketers or journalists do to present the most effective types of messages or news stories.

Studies have shown only about 25-35% of people who share posts on Facebook actually read the linked article, thereby causing many more people to see the false link than would otherwise.

The most common form of phishing is through Facebook posts that generate the most likes or shares, often news of a sensational nature. Phishing campaigns often take advantage of breaking news stories, both real and fake.

Another example of a typical phishing scam.

Another example of a typical phishing scam.

If you have been phished, the scammer can access not only your Facebook to spam out the same or new scam links, but depending on your device and your password settings they can potentially access anything you have previously stored a password for; such as bank accounts or other sensitive information. They can also potentially access your pictures and other files remotely, just as you would if you were away from home.

Sometimes it can take hours or days for the scammer to get around to accessing the victim’s account, sometimes it might take minutes or even seconds. It depends on how successful their efforts are at getting people to fall for the scam.

Many people, who have had their accounts hijacked by the cybercriminal end up permanently losing access to their Facebook accounts and have to create entirely new accounts.

Just remember, anytime you see a news title that sounds too outrageous or very sensational, always make sure to check the source where the news is coming from. You can also google the headline to see if other news agencies are reporting the same incident. Basically, if the title or “news” organization doesn’t sound legit, it probably isn’t.

Contact the writer:

trevor main

Leave a Reply