Would you fall for this phishing attempt?
We all like to think we are observant and worldly wise, too sharp to fall prey to a scammer. Well for some of us that might be true, at least most of the time. The danger comes for all of us when we are tired, stressed or in a hurry to get something done. Nobody is immune to being scammed. Phishing scammers are active on Facebook as well as email.
I was sat at my desk one afternoon, tired and in a hurry to get some important tasks finished. A notification turned up in the feed of my Facebook business page warning me that the page had been reported. My page was apparently scheduled to be disabled unless I proved my identity. See the message below and observe the way the notification is structured. It’s actually a share but, at a glance, it looks like a genuine message from Facebook:-
The above message is very cleverly laid out indeed. It features the Facebook official logo. It exploits fear of the page being disabled and is intended to provoke outrage in the recipient having apparently been reported to Facebook for no apparent reason. This message has been intentionally crafted to manipulate the recipient into acting immediately to defend their Facebook page against being wrongly taken down. The link provided, allegedly to confirm your account, is far enough down the text block that, were you in a hurry, you might not take the trouble to read it properly to ensure it is a genuine Facebook address.
See the image below to see where the link takes you, it looks like a genuine Facebook confirmation page:-
By the time you have arrived at the above page, you may not be thinking straight and extremely irate in the false belief that somebody has reported your perfectly innocent page to Facebook. This might cause you to fail to notice that the website address in the address bar does not belong to Facebook at all. It is actually a phishing website under the control of a team of scammers. If you were to enter your username and password then hit the “Log In” button, you would have handed the scammers the means to take over you Facebook account and lock you out of it. This means they would also have complete control over all of your other Facebook assets, including your Facebook Business pages.
Possible implications of falling victim to a phishing scam
So what could be the implications for you should scammers use a phishing technique to obtain full control of your Facebook account? Here are some of the things that could potentially happen. The first item in the list is the most deeply worrying, particularly if you don’t immediately realise that you’ve been scammed:-
- If your children are on your friends list then an intruder in control of your account could contact them, pretending to be you.
- Likewise, an intruder could contact your partner or relatives in your name and tell them anything they wanted to.
- They would have full control of your personal and business page feeds and be able to post whatever they fancied, including pornographic or deeply offensive text and images in your name.
- They could join groups and post on pages in an attempt to scam others using your identity.
- They might gather information from your account that could be used against you for the purpose of identity fraud.
- There are numerous websites that you might have access to via your Facebook account and, of course, anybody in control of your account would have access to these too.
- Lastly, but not least, an intruder would have full access to all of your private messages and could quite easily post the contents of them on your public feed.
If you believe yourself to be safe and beyond being fooled by a scammer then you are in danger of maybe switching off to the ever-present security threats online. This is, even more, the case when you are tired, distracted or under a lot of stress. Remember that scammers are continually pulling off phishing scams on social media as well as by email so never let your guard down, not even for a moment.
You may have observed that the grammar used in the scammer’s message above is poor in places. However, you might not have noticed the poor standard of grammar if your eyes were immediately drawn to the bottom half of the message. Poor grammar is, of course, always something to look out for if concerned that a Facebook message or notification might be a scam.
The main image at the top of this article is actually a Facebook page set up by scammers to help them carry out the phishing scam described above. The clue is immediately beneath the words “Warning Page” on the left-hand side of the image. Would you have even spotted this clue if we hadn’t just pointed it out?
Latest posts by Neil Smith (see all)
- Supercharge Your Facebook Account With Social Fixer - 1st June 2017
- Are you too sharp to be scammed on Facebook? - 11th May 2017
- Why We Switched To Linux - 25th April 2017