One of the latest online scams is using fake copyright notices to scare people into giving away their Facebook login details. The perpetrators behind the scam are using the threat of a Facebook ban to lure in unwitting victims.
Scammers are sending emails threatening that “your Facebook account has been disabled due to a copyright notice.” They then ask for the victim’s login details in an effort to hijack their account and potentially gain access to further logins
While phishing is in no way a new phenomenon, it always pays to be aware of the latest methods in order to avoid falling prey to the endless amount of people who would love your login details.
Stay on top of threats with our guide to the Latest Email Scams
How does this scam work?
Scammers have a knack for getting email addresses associated with Facebook accounts. Whether it’s simple trial and error, buying them off of third parties, or simply grabbing them from a user’s profile, phishers have no problem filling out their address book.
After getting a list of email addresses, scammers then send out emails in bulk. In this case, the emails tell the recipient that they have broken Facebook’s terms of service, and ask them to address the problem. The email uses pretty stern language in order to prompt the user into feeling as though there’s a problem that quickly needs to be fixed – this sense of haste can lead them to miss some of the errors within the email:
“Your page has been found to be in vioIation of the Facebook Terms of Use… We previously warned you that if you continued to infringe the rights of third parties, we wouId terminate your account… If we do not receive an appeal within 24 hours, we [will terminate your account]”
This then directs the user to some pages that look a lot like Facebook, but aren’t really, asking you to fill in your information to finish your “appeal.” This information is then sent straight to the phishers.
Then, once they have your information, they have full access to your Facebook account.
What do scammers want with accounts?
Once phishers get their hands on an account, their usual aim is to use it to send spam to that user’s friends. For example, if you were to fall victim to this scam, your friends might receive messages from your account promoting some kind of shady product.
If your friends noticed that this message seemed out of character from you and decided not to click it, then there’s little harm done, but if someone mindlessly did click on it, their computer or Facebook account could be at risk.
Why do phishers need to jump through all these hoops just to send someone a link? Well, they certainly could send out their spammy links to all kinds of people through all sorts of channels, but people are much more likely to click on a link when it’s sent by a friend or loved one, so it can be worth the scammer’s time.
There’s an additional risk, too, once a scammer has the email address and password you use for your Facebook account. Countless people the world over fall into that same old trap of re-using the same old password again and again on multiple accounts. With your Facebook login cracked, there’s little to stop the spammer from attempting to access other accounts in your name. That’s why we always recommend using a password manager, so you can safely manage complex, unique logins that you never need to remember yourself.
What will happen in the future?
Realistically, these scams are never going to stop. It’s a shame, but this has nothing to do with technology – as long as there are humans, there are going to be other humans looking to take advantage of them.
If email providers or Facebook itself crack down on this scam, another will simply take its place. So, it will fall on the user to be discerning and cautious with their login info or sensitive data.
It’s not entirely hopeless – email clients are learning how to spot these phishing emails, like detecting certain keywords or phrases which trigger the “scam” alarm. However, these phishers have even started to work around that, doing things like replacing lowercase L’s with uppercase I’s.
How to protect yourself on the internet
While you can mainly only avoid phishers via your spam filter or a vigilant eye, there are a lot of more tangible methods to protect yourself on the internet.
Anti virus software is always one of the best first steps to take when protecting your computer. Antivirus software does exactly what it says on the tin, making sure your computer is safe from any kind of foreign malware trying to worm its way into your system.
As we explained above, your accounts will always be vulnerable if you’re “protecting” them with the same password used over and over. If one account is hacked, the others could be at risk. We know it’s tempting to stick to the same password you know, but guess what – your passwords aren’t as secure as you may think.
Don’t take the risk – a couple of dollars per month is all you need to spend for a password manager to keep you protected.
