“Is this you?”
“Did you make this video?”
If you spend any time on Facebook you’ve probably received a message from a friend asking one of those questions. The message has a link to a video and might even include your profile picture. Don’t let curiosity get the better of you because it’s a scam and it could steal your information.
The message and link is being distributed over Facebook Message and appears to be from a friend. It looks legit and is even included in any message string between the two of you. So what happens if you click on it?
Two things are possible. One will send you to a website outside of Facebook asking you to login to your account. It also looks legit with the same blue background and border that Facebook uses and the same fonts and instructions. If you login with your Facebook credentials the hackers who sent the message will be able to login to your account, get information about you and send similar messages to all of your friends using their profile pictures.
It’s a phishing scheme used to steal those credentials since a great number of people use the same username and password on Facebook that they use on other critical accounts such as their email, Google and accounts that store credit card information. For example, if you use the same email address and password on Facebook that you use for Gmail, the hacker can login to your Gmail account and read all of your emails.
The other thing that can happen is the link sends you to a website that automatically begins installing malware on your computer that will scrape information and install ransomware. This is how hackers lock someone’s computer and ask for hundreds of dollars in bitcoin to release the hard drives.
The way to avoid all of this is to delete the message without clicking it. Run a malware-virus check on your computer (which you should be doing regularly). Change your Facebook password along with any other account using the same credentials.
Visit your settings in Facebook and go to the security option. Scroll down until you see “Setting Up Extra Security”. Make sure “Get alerts about unrecognized logins” is turned on. This gives Facebook permission to send you a notification if someone tries to logon to your account from a device or computer you haven’t used before.
And relax. There is no video of you being shared with all of your friends. The Better Business Bureau, FBI and AARP have issued warnings about this Messenger scam and all report they’ve seen an uptick in complaints.