HIGHLIGHTS
* Cybercriminals are now using a new tactic of ‘look who just died” to lock users out of their Facebook accounts.
* Victims are sent a phishing link claiming to be news of the death of someone they knew or admired.
* They are asked to provide their Facebook credentials to access the news, after which they are locked out of their accounts.
A new ‘look who just died’ scam is locking unsuspecting users out of their Facebook accounts. It’s no news that cybercrime is on the rise, and social media platforms are the hot targets for cybercriminals.
The new scam is a spear phishing attack where the victim receives a Facebook Messenger chat from one of the contacts saying look who just died with a phishing link to steal Facebook credentials.
A 2019 Symantec study revealed that people are more susceptible to phishing attacks with emotional triggers, which is precisely what is happening here.
Don’t Click on Links in Facebook Messages Saying ‘Look Who Just Died’
In this new type of Facebook scam, victims receive messages saying ‘Look who died,’ followed by a suspicious link, as seen in the image above.
These messages are accompanied by shock and sad emoji, phrases like ‘I know you knew him’ or ‘Died in an accident,’ and so on. These emotional triggers trick the prey into clicking on the accompanying link.
It’s clear that scammers are playing with the emotional side of unsuspecting victims, making them think someone close to them or know personally has died.
According to several Reddit users, the scam has existed for a while and continues to exist. The accompanying messages keep changing.
However, the MO of the entire scam remains the same. While the ‘look who died’ Facebook scam is the most popular and potent emotional trigger, scammers sometimes change lanes and use phrases like ‘Look, it’s you in this video’ and other such messages.
Those who fall prey and click on the link are either hacked as soon as they click or asked for their Facebook credentials to access the news.
Once they provide their credentials, hackers take over their accounts and lock them out. The buck doesn’t stop here, as the perpetrators then go on to send the same message and link to everyone in their contact list.
It’s advised not to click on suspicious links, even from someone you know. The best way to spot this scam is to look at the URL. If it looks like garbled alphanumeric series, steer clear of it. Lastly, the scam is not limited to Facebook, you might receive such messages on other social media platforms, SMS, and email as well.
What does the message read
The message says, “Look who just died,” and contains a link that seems to lead to a news article about the person’s death. The message may include phrases like “So sad” or “I know you know him/her” to make the recipient think that the deceased was a famous person or someone they know personally.
Why is it Risky
Clicking on such links can lead to malware and put personal information at risk.
How does the ‘look who just died’ scam works
Scammers may ask for Facebook login details, which can lead to account access and potential theft of financial information. Fake news links may also install malware on the device, giving hackers access to personal data.
How your friends may also be at risk
Once the hacker gains control of your account, they can lock you out and then send similar messages to your friends from your account.
‘Look who just died’ scam not limited to Facebook
This scam is usually happening on Facebook Messenger, but you may also receive such messages as text or email.
How can you stay safe
Don’t click suspicious links. Talk to your friend to confirm if it’s real. Also, keep your devices and software updated and use antivirus/anti-malware, and enable malware detection in your browser.
Beware Of Facebook’s ‘Look Who Just Died’ Scam: How To Protect Your Account
Several Facebook users have been warned about a new scam called “look who just died” in Australia that is designed to steal personal information and money by claiming the death of someone they know. The ‘look who just died’ scam is the newest scheme used by hackers on the social media platform.
How Facebook’s ‘Look Who Just Died’ Scam Works
The scam begins with a direct message from a hacker posing as a friend that says “look who just died” and includes a link to what appears to be a news article. The message might also include terms such as “so sad” or “I know you know him” to trap users into thinking they know the person.
To read the article about the alleged death, victims are asked to enter their Facebook username and password. The link to the fake news contains malware that allows scammers to steal login information and personal details from Facebook users.
The victim is then locked out of their account and taken over by the hacker who sends the same message to their friends’ list, according to a report by Daily Mail.
Moreover, the report said that the scammers can then steal any personal data associated with the Facebook account, such as email addresses, phone numbers, and birth dates, which they can then use to break into non-Facebook accounts.
How To Avoid Being Scammed On Facebook
If you get a suspicious email or message claiming to be from Facebook, don’t click any links or attachments. You can view recent emails sent from Facebook in your Facebook settings.
* Slow down: Scammers often try to create a sense of urgency or threaten you with losing your account or other action. Take the time to ask questions and think it through.
* Spot check: Scammers often mention a problem to encourage you to act. Do your research and double-check the details before clicking links or downloading files. Does what they’re telling you make sense?
* Don’t send: Scammers often pretend to be from a familiar organisation. They may use an employee photo that they stole from the Internet to convince you. No reputable organisation will demand payment on the spot.
On social media, look out for the following signs when considering whether to accept a friend request or respond to a message:
* People who you don’t know or famous people asking for money.
* Asking you for advance fees to receive a loan, prize or other winnings.
* People claiming to be a friend or relative in an emergency.
* People asking you to move your conversation off Facebook.
* People claiming to want a romantic connection with you quickly and then asking for money.
* Messages or posts with poor spelling and grammatical errors.
* A message asking for your urgent response because something is wrong with your online account.
* A message that simply asks you to log in with your social media, email address or bank account to read an important message about the services that you use online.
* Accounts that have no friends, profile photo or real-looking activity on Facebook.
Tips to keep your Facebook account secure
* Don’t click suspicious links: If you get a suspicious email, text or social media message claiming to be from Facebook, don’t click any links or attachments. First, check in your Facebook settings to see whether it came from Facebook.
* Do not download files or software coming from people that you don’t know: Use caution when installing browser extensions and third-party apps, particularly when they offer functionality that sounds too good to be true or require you to log in with your social media credentials before even using them.
* Don’t answer and report messages that ask for your password, social security number, financial information, such as credit card numbers and strengthen your online security:
* Enable two-factor authentication to add an extra security layer to your accounts across the Internet. Two-factor authentication is one of the most effective tools for combating account compromise attempts here.
* Never reuse your password across multiple websites.
* Use trusted antivirus software. It is important to keep this software up to date and scan your devices for malware regularly.
* Turn on login alerts so that you’ll be notified if someone is trying to access your account. Make sure that you review your previous sessions to ensure that you recognise which devices have access to your account.
Faqs
1) ”Look Who Just Died” Text Message Scam Overview?
Ans) The “Look who just died” or similar messages are phishing scams where cybercriminals play with the emotions of their targets by falsely reporting the death of someone they supposedly know. The scam is often targeted at Facebook users but can also affect those using other social media platforms.
Hackers add a short condolence message and a phishing URL they present as their news source. By doing this, scammers convince their intended target to click on the link to learn more, and in the process, they hack the victims’ accounts.
2) How Does the “Look Who Just Died” Phishing Scam Work?
Ans) When you click on the phishing link, you are mysteriously logged out of your account, taken back to your account’s login screen, and instructed to log in again. On this screen, scammers can monitor your activity. If you enter your login details here, scammers will see this sensitive information. In this way, you unknowingly divulge these critical details to scammers.
The moment hackers gain access to this information, they can access your account and carry out whatever plans they had for it. They can misuse your identity in several ways to fulfill their malicious intentions:
* Scammers can ask your friends for financial assistance or a loan. When doing so, they would create an impression that it is you who is asking for help.
* They can engage in any illegal activity, which you could be held responsible for.
* Fraudsters can use your account’s ads manager to launch campaigns if you have funds there.
* Scammers can change the admin roles of notable pages, groups, or communities you manage and use them for malicious purposes.
* Even worse, they can send the same message to your friends to expand their scam chain.
Also Read: Facebook Parent Meta’s Oversight Board Can Now Apply Warning Screens to Moderate Content
Also Read: Meta Upgrades Privacy Updates for Teens; Facebook and Instagram