what to do about the facebook spam video

If you've ever wondered why cybercriminals are interested in your IM passwords…

…well, it's not just so they can sneak into your account and snoop through your personal information with a view to abusing it themselves or selling it on to someone else who will.

Access to your account also gives crooks a level of trusted access to your friends and family that makes scams of all sorts much easier to pull off.

Whether it's pitching a bogus investment plan, luring someone to a fake login page, persuading them to submit an application form for a not-real job, or simply getting them to waste their money on useless, overpriced, shoddily made tat…

…well, it's much more likely that a scammer will be able to talk you into clicking a link using a message that really came from a friend's account than if they just contacted you out of the blue.

Indeed, many users deliberately limit their "circles of contact" on social media and instant messaging services not just for privacy reasons but also to cut down on the sort of unsolicited messages, spams and scams they endure via email.

A menace to those around you

A scammer with your instant messaging or social media passwords is not only a menace to you, but also to those around you, as one of our readers discovered this evening when he received a note from a friend via Facebook Messenger that said:

Is it you in the video

From someone you didn't know, a question like that would fall somewhere between bizarre and creepy, but from a friend, who wouldn't want to take a look?

There is no video, of course – the black image links to a URL shortening service, which in turn redirects to a URL that pops up what looks like a Facebook login page:

The URL (redacted above) clearly has nothing to do with Facebook – it's a randomly-generated server name on a boutique Hungarian web hosting platform – and, as you can see from the crossed-out padlock icon in the address bar, the site uses HTTP and not HTTPS.

Facebook was an early adopter of HTTPS-for-everything, giving up on HTTP altogether back in 2012, so any page that claims to represent Facebook but doesn't accept HTTPS is an unreconstructed fake.

Unfortunately, putting your username and password into the fake login page above would submit them to a server running on a low-cost web hosting service in the USA, using a vaguely legitimate-looking domain name that was registered less than a month ago.

Our reader immediately assumed that his friend had himself recently received a similar (perhaps even an identical) message, and had not only clicked through but attempted to log in, handing his password to the crooks and thus ensuring that all his contacts would shortly be spammed in turn.

After the fake login page

This scam goes even further – whether as a distraction to buy a bit of time before victims realise they've been taken in and rush to change their Messenger passwords, or simply to give the crooks a second bite at the cherry, we don't know.

After entering your password, there's a short delay, as you might expect when logging in to any online service, after which the crooks seem to pick from a range of other scams and redirect you to one of them randomly.

These didn't look as though they were being run by the same criminals, so we're assuming the message-spamming crooks were simply hoping to collect "affiliate fees" from other criminals in the underground.

These "second redirect" scams varied from specious VPN offers to a range of those "free" phone deals where all you need to do is pay a modest delivery fee (£1.95 in the variants we saw here), thus giving the crooks a believable excuse to collect your credit card details.

What to do?

  • Use 2FA on any account you can. Adding a second factor of authentication means that the crooks can't phish your password alone and then access your account. 2FA is a small inconvenience to you, but a major roadblock for cybercriminals.
  • If you think your friend's account has been hacked, contact them via some other method. Don't reply via the very same account that you don't trust – if it is a scam, you are simply tipping off the crooks, who will lie to you and tell you everything is fine.
  • If a friend lets you know your account was hacked, don't delay. Get into your account as soon as you can (without clicking on any links that anyone just sent you!), assuming you can still access it, and change your password right away so the old password is useless to the criminals.
  • Use a password manager. Password managers help in many ways: you automatically get a different password for every site; you get passwords that are random and can't be guessed; it's faster to change your password if you do get hacked; and it's much harder to get phished because your password manager won't put the right password into the wrong site.
  • Use an anti-virus with a built-in web filter. Attacks of this sort generally don't rely on sending malware to your computer, but instead rely on tricking you into uploading secret data like passwords from your computer. A web filter helps stop you landing on fake pages in the first place and therefore shields you from phishing. (Sophos Home has a web filter – there's a free version for both Windows and Mac.)
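
The two tell-tales described earlier (the login page was served over HTTP, and its host had nothing to do with Facebook) are the same tests that keep a password manager from filling the right password into the wrong site. A sketch of that origin check follows, added here as an illustration and not taken from the original article or from any particular password manager; the function name and every sample URL are constructed.

```javascript
// Added example: the origin test a password manager applies before autofill.
// All URLs are constructed samples (.example is a reserved, non-routable TLD).
const SAVED = { scheme: "https:", domain: "facebook.com" }; // where the login was saved

function checkLoginPage(pageUrl, saved = SAVED) {
  let u;
  try {
    u = new URL(pageUrl);
  } catch {
    return { fill: false, reason: "unparseable URL" };
  }
  // Facebook has been HTTPS-only since 2012, so plain HTTP is an immediate fail.
  if (u.protocol !== saved.scheme) {
    return { fill: false, reason: "not HTTPS" };
  }
  // "https://facebook.com@host/" puts the brand in the userinfo, not the host.
  if (u.username || u.password) {
    return { fill: false, reason: "userinfo in URL" };
  }
  const host = u.hostname.toLowerCase().replace(/\.$/, "");
  // Match on a label boundary: the saved domain itself or a true subdomain of it.
  const matches = host === saved.domain || host.endsWith("." + saved.domain);
  if (!matches) {
    return { fill: false, reason: "host mismatch: " + host };
  }
  return { fill: true, reason: "origin matches" };
}

const samples = [
  "https://www.facebook.com/login",       // genuine
  "http://www.facebook.com/login",        // right host, no HTTPS
  "http://x7k2q.hosting.example/login",   // random server name on a hosting platform
  "https://facebook.com.login.example/",  // brand used as a subdomain prefix
  "https://notfacebook.com/",             // suffix match without a label boundary
  "https://facebook.com@login.example/",  // brand hidden in the userinfo
];
for (const s of samples) {
  const r = checkLoginPage(s);
  console.log((r.fill ? "FILL " : "BLOCK") + " " + s + "  (" + r.reason + ")");
}
```

Only the first sample is filled; a person reading the address bar can apply the same two tests by eye before typing a password.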


Source: https://nakedsecurity.sophos.com/2020/12/18/is-it-you-in-the-video-dont-fall-for-this-messenger-scam/
