Facebook is home to plenty of scams and if you regularly use its Messenger app then there’s a new one to be aware of.
Known as a ‘phishing’ scam, it arrives as a message either directly on your Facebook profile or through the Messenger app.
The scam message reads: ‘Look what I found’ and includes an emoji and a hyperlink.
Naturally, you shouldn’t click the link.
Chances are the message will come from a friend or other contact who has had their account compromised. So while it seems to come from a trusted source, it’s actually a sneaky way to try and gain access to your data.
Clicking on the link will take you through to a malicious webpage that asks for your Facebook log-in details. If you put them in, the scammers running the site will be able to scrape your personal data and, in some cases, install malware directly onto your phone.
Not good if you’ve got any kind of sensitive or financial information stored on there.
Although this particular scam has been around for a few years, it appears to be undergoing a bit of a resurgence at the moment.
‘Messages seemingly coming from a Facebook friend much more likely result in clicks than messages sent by strangers, because people might only or primarily focus on the sender’s name at first rather than the message content, regardless whether that has red flags,’ Leslie Sikos, a cyber security expert from Edith Cowan University, told 7NEWS.com.au.
‘There are many scams of this sort, meaning that there is no single appearance or behaviour users could learn to avoid.’
What is phishing, and why is it called phishing?
Phishing is the term applied to kind of electronic communications scam that aims to obtain private information, or to spread harmful malware, via the recipient.
The phenomenon takes its name from fishing due to the parallels in unaware targets being reeled in by bait.
The term was coined around 1996, according to Computer World, as internet scammers began using e-mail lures, setting out hooks to fish for passwords and financial data from the sea of Internet users.
Hackers commonly replace the letter f with ph, a nod to the original form of hacking known as phone phreaking
How does phishing work?
The most well-known form of phishing involves the mimicry of official emails or text messages from trusted companies including Amazon, Paypal, all UK banks, Netflix, delivery companies, mobile phone providers, eBay and so on.
Phishing emails can also masquerade as messages from a council authority, HMRC, the Government, the police or a hospital.
The phishers replicate to the best of their abilities, the exact logo of the company and then compose a phoney email.
Usually, the phishing messages explain that you need to update your billing details / address, employment record, your bank card details and so on, or they urge you to check up on a delivery tracking number.
So it always pays to check your messages carefully to avoid falling for the trick.
MORE : This is how scammers are using the energy crisis to con us
MORE : NFTs are a ‘financial scam’ says indie marketplace itch.io
Get your need-to-know
latest news, feel-good stories, analysis and more
window.fbApi = (function () {
var fbApiInit = false; var awaitingReady = [];
var notifyQ = function () {
var i = 0,
l = awaitingReady.length;
for (i = 0; i < l; i++) {
awaitingReady[i]();
}
};
var ready = function (cb) {
if (fbApiInit) {
cb();
} else {
awaitingReady.push(cb);
}
};
var checkLoaded = function () {
return fbApiInit;
};
window.fbAsyncInit = function () {
FB.init({
appId: '176908729004638',
xfbml: true,
version: 'v2.10'
});
fbApiInit = true;
notifyQ();
};
return {
'ready' : ready,
'loaded' : checkLoaded
};
})();
(function () {
function injectFBSDK() {
if ( window.fbApi && window.fbApi.loaded() ) return;
var d = document,
s = 'script',
id = 'facebook-jssdk';
var js, fjs = d.getElementsByTagName(s)[0];
if (d.getElementById(id)) {
return;
}
js = d.createElement(s);
js.id = id;
js.async = true;
js.src = "http://connect.facebook.net/en_US/sdk.js";
fjs.parentNode.insertBefore(js, fjs);
}
if (
!document.body.classList.contains('image-share-redesign')
&& 'object' === typeof metro
) {
window.addEventListener('metro:scroll', injectFBSDK, {once: true});
} else {
window.addEventListener('DOMContentLoaded', injectFBSDK, {once: true});
}
})();
Source link