- Oct 23, 2012
- 12,527
A new scam is going around on Facebook, one that's quite easy to detect if you're an old, battle-forged Internet user, but one that could also fool some non-technical users into disclosing personal information such as their Facebook login credentials, credit card details, and their PayPal username and password.
The scam, spotted online by Luke Williams from RNLI, and analyzed by cyber-security vendor Malwarebytes, is specifically aimed at Facebook Pages owners.
The spammy messages are spread around on Facebook via comments left on Facebook pages and are directed at their owners. The account from which they're made has the "Facebook security" name, but it's not an account affiliated with Facebook in any way or form.
The scam, spotted online by Luke Williams from RNLI, and analyzed by cyber-security vendor Malwarebytes, is specifically aimed at Facebook Pages owners.
The spammy messages are spread around on Facebook via comments left on Facebook pages and are directed at their owners. The account from which they're made has the "Facebook security" name, but it's not an account affiliated with Facebook in any way or form.
The scam is spread via comments on Facebook pages
The message urges Facebook page owners to access a link (shortened via LinkedIn's URL shortener lnkd.in), otherwise, they'll have their page disabled. Some of the spammy messages are embedded at the end of this article.
If the user is tricked by this message and clicks on the link, he'll arrive at a page where the scammers are asking him for his Facebook login credentials, along with his date of birth.
Thank God for browsers like Chrome and Firefox that flag the final website as malicious. In case you don't use one of these two, you'll have to be able to recognize the scam on your own.
Scammers are after your financial data
If any user is careless enough to enter their Facebook login credentials, the scammers won't stop here. Next they'll ask for all your credit card details, and to convince you, they'll threaten that your Facebook payment feature will be disabled otherwise.
But the scam doesn't end here either, and there's also a third page, made to look like the PayPal login form. If alarm bells aren't already ringing in your head when you suddenly go from a page destined to deal with Facebook data to a PayPal look-alike, then you probably deserve to have your PayPal login details stolen.
Just remember, if Facebook wants to disable your Facebook page, it has better, and more personal ways to inform you about it, not via comments left on your posts