In a familiar scenario, scammers are once again adopting the guise of legitimate services or companies to deceive potential victims. One recent case reported to TheTechBasic involves an attempt to steal Facebook credentials.
Please follow us on Twitter and Facebook
A Facebook user reported receiving a direct message through Messenger from a page named “Tyler-Sp,” masquerading as Meta’s support team and using the company’s logo to lend credibility to the fraudulent attempt.
The message claimed to be an “important official notification,” warning the user that their page would be permanently deleted due to an alleged copyright infringement. See below:
The message presented a trap, suggesting that if the user believed the alleged violation was unfounded, they should click a link to file a complaint before the false removal occurred.
The Art of Social Engineering
The scammer effectively employed the method of “social engineering,” tailoring the attempt more personally to each potential victim. This approach increases the likelihood of the scam’s success.
In this specific case, the cybercriminal targeted a user with a work-related page, foreseeing significant losses for the individual if their page were taken down. This targeted alarm was likely more convincing to the person involved.
Indicators of a Scam
Several clear signs indicate that this is a scam. One key aspect is the external account’s approach rather than a notification from the platform itself.
Upon accessing the described profile, there is no indication that it is an official Meta account for announcements – especially since the company does not issue alerts in this manner.
Another red flag is the link used. While the presence of “facebook.com” at the beginning might deceive some inattentive users, a closer look at the complete URL reveals that it leads to another site.
The “official” initials serve as a redirection to another web page. The malicious site the individual would be directed to follows a different path, “fyp.bio,” where the cybercriminal collects the user’s data for potential unauthorized access to their account.
Read Also: New Security Vulnerability Allows Hackers To Access Google Accounts Without Passwords
Widespread Impact
Although TheTechBasic received this alert in a seemingly targeted manner, it appears that the reader is not the only one facing this issue. Similar reports of the same scam can be found online.
One instance was documented on the Reclame Aqui platform, where a user from Novo Hamburgo/RS received a similar message through Facebook chat and seemingly believes it to be a legitimate case.
This further underscores the social engineering tactics employed in this scam. In the disclosed message from the online complaint, there is no mention of professional repercussions but rather signs of impacts on personal social media accounts.
Protect Yourself from Such Scams
To safeguard against these types of scams, the first piece of advice is not to trust messages from unknown contacts with alarmist texts and external links. Meta and other companies typically do not communicate in this manner.
Avoid clicking on links sent through messengers without provenance. They may redirect you to malicious sites, risking the theft of your credentials or the installation of malware on your device.
Lastly, if you receive a suspicious message, do not hesitate to report the profile responsible so that appropriate action can be taken against the cybercriminal’s account.
Read Also:
Facebook Introduces Option For Users To Disable Site Tracking