(WAFB) - The Better Business Bureau (BBB) says it’s best that consumer not click messages on social media sites, emails, or text messages that state “Is this you?”
The BBB says these messages are likely to come from someone the user knows and has a good relationship with, including friends and family members. However, the person behind them is likely a cybercriminal hoping to get personal information from the user.
How the BBB says these types of phishing attacks work:
- User receive messages that looks like they comes from a trustworthy source. They may look like they come from a co-worker or a family member, or appear to be from users’ financial institution. The user thinks the message is legitimate because they recognize the sender.
- The message urges you to type in a website address or click a link. When you do, you go to a clone of a legitimate website. In this Facebook phishing scam, you might think you’re on a Facebook login page when you’re actually on a page designed to capture what you enter.
- You type in the information it asks for, and that data is stolen. There are multiple versions of many phishing attempts, and some may also prompt you to download something that infects your computer.
- In many situations, your computer or social media account is used to send the phishing attempt back out to everyone on your contact list, this time using your name and image as “bait.”
Phishing attempts frequently imitate large banks, credit card companies, major online sellers, news agencies and common cell phone providers because it works, the BBB says. People assume communication from a nationwide bank chain or credit card company must be secure and important, so they’re more willing to trust.
Why Are the Scammers Using Facebook Messenger?
Users typically only hear from people they know well and care about through Messenger, so their guard is already down. Seeing the notification they’ve received a message, they experience a tiny dose of positive emotion, expectation and curiosity. They want to know what this person they care about has to say.
Some messages read something like, “Hey (your name), what are you doing in this video lol! Search ur name and skip to 1:53 on video. Type in browser with no spaces -> (then they give you a web address).”
How the BBB says you should protect yourself
- Always think before you click. If your friend wouldn’t typically send you that type of message, it’s best to check with them before you follow the link or type in the web address. It may have come from their account, but they could be victims too.
- Know videos shared on Facebook play when you click them. You shouldn’t have to type in additional login information, download something or navigate to an outside website.
- Use common sense. Scammers like to cause alarm to create urgency. You might get a message that indicates you’re in a compromising video, your password is being reset, your account is in danger of deactivation or some other situation that needs immediate attention. If it seems unlikely, watch out.