[Fox News] Scammers are using fake news, malicious links to target you in an emotional Facebook phishing trap

Beware of a new scam that preys on your emotions on Facebook

Scammers are hacking into people’s Facebook accounts, posting sad messages like “I can’t believe he’s gone,” and tagging you or other people to get your attention.

You might think they are mourning a loved one and want to offer your condolences, but don’t fall for it. 

It’s a trick to make you click on harmful links that could compromise your security or privacy.

CLICK TO GET KURT’S FREE CYBERGUY NEWSLETTER WITH SECURITY ALERTS, QUICK VIDEO TIPS, TECH REVIEWS AND EASY HOW-TO’S TO MAKE YOU SMARTER

The scam starts with a post from someone you know that says, “I can’t believe he is gone. I’m gonna miss him so much.” The post has a link to a supposed news article or video, but it is actually a trap. If you click the link, you are taken to a fake web page that asks you to log in to Facebook. If you do, you are giving away your Facebook password to the scammers. There is no news article or video, only a clever way to steal your identity.

THIS FACEBOOK MESSENGER PHISHING SCAM IS STEALING MILLIONS OF PASSWORDS

The scammers use hacked Facebook accounts to spread these “I can’t believe he is gone” phishing links. The posts look like they are from your friends and relatives, which makes them hard to resist. If you fall victim to this scam, the scammers can use your Facebook account to post the same message to your contacts and lure more people into their scam.

MORE: DON’T FALL FOR THAT “LOOK WHO DIED” FACEBOOK MESSAGE TRAP

The “I can’t believe he’s gone” Facebook scam is a clever scheme to trick you into clicking. Let’s analyze the mental and social techniques that make it so effective.

The scam post looks like it comes from one of your Facebook friends. But in reality, your friend’s account has been taken over or copied by a scammer. The familiar name and photo make it seem like a personal message. You are more likely to pay attention to shocking news from a friend than from a stranger.

The post starts with, “I can’t believe he’s gone, I’m gonna miss him so much.” This makes you think that the person has lost someone close to them. The emotional tone appeals to your sympathy, making you want to watch the video to find out what happened.

The fake headline from a reputable news source like CNN or BBC News gives the impression of authenticity. You are used to trusting major media outlets, so a headline from them seems reliable. This makes you believe that the tragedy is real.

The shocking post and article headline create a strong curiosity. Who died? How did it happen? You feel the need to watch the video for answers. This is exactly what the scammers want you to do.

The video thumbnail shows a car accident or another disaster that supposedly caused the death. You tend to trust what you see with your own eyes. This image makes the accident seem real and tangible.

Seeing a friend share such sad news makes you less suspicious. Your first reaction is to offer support, not to doubt if it’s true. This trust in friends helps the scam avoid Facebook’s spam detection.

By sending you to an external site, the scam avoids any warnings you might get on Facebook. On Facebook, you can see where the links go before you open them. But these redirects hide the destination.

MORE: HOW TO PROTECT YOURSELF FROM SOCIAL MEDIA SCAMMERS

1) Don’t click the link: Make sure to hover your cursor above the link to see what it reads; usually, legitimate news sources have their names in the URL. It is best to go directly to the news source and search for the specific story you are looking to read.

2) Remember that people on Facebook get their accounts hacked all the time: Even if you are tagged, make sure you only open links from people you actually know well. And even before you do, look for changes in activity or behavior from the profile you are looking at.

3) Confirm with the friend: If you have doubts, contact the friend who posted the message to verify it. They probably didn’t know their account was used for a scam.

4) Look at the Comments: Often, other users will expose scams in the comments. Check if anyone is saying it’s a hoax or a breach.

5) Have good antivirus software on all your devices: Having antivirus software on your devices will make sure you are stopped from clicking on any potential malicious links that may install malware on your devices, allowing hackers to gain access to your personal information. Get my picks for the best 2024 antivirus protection winners for your Windows, Mac, Android & iOS devices.

MORE: GHOST-HACKING: HOW TO PROTECT YOURSELF FROM SCAMS FROM BEYOND THE GRAVE OF THOSE YOU KNEW

Exit the fraudulent page or video immediately: Do not stay on the website or video that the link opened. The longer you are there, the more danger you face. Leave the page as soon as possible without entering any information or downloading anything.

Perform a malware scan with your antivirus software: Some redirects may secretly download or install malware such as viruses, Trojans, spyware and other harmful programs on your device. Use your antivirus software to scan for any malware and remove it before it causes any damage or steals any data.

Reset your Facebook password: Your Facebook account may have been hacked. To prevent further access by hackers on another device, go to Facebook’s security settings and change your password. Make sure it is different from your other passwords and hard to guess. Consider using a password manager to generate and store complex passwords.

Turn on two-factor authentication for Facebook: Two-factor authentication makes your Facebook account more secure. After resetting your password on another device, go to the two-factor settings on that other device and enable it. This means that you will need your password and another verification method, such as a code or biometrics, to log in.

Monitor your accounts for any unusual activity: Keep an eye on your social, financial and email accounts for any changes that you did not make. Hackers may use your Facebook account to break into other accounts linked to it.

Review your credit reports and freeze your credit: If you shared any personal information, you may be at risk of identity theft. Get your credit reports from Equifax, Experian and TransUnion and look for any accounts that you did not open. You may want to freeze your credit with each bureau to prevent criminals from opening new accounts in your name.

GET FOX BUSINESS ON THE GO BY CLICKING HERE

Use identity theft protection: Given the sneaky rise of Facebook phishing scams that use fake news and dodgy links to play on our emotions, it’s important to up our game in staying safe. That’s where identity theft protection comes into play. Identity theft protection companies can monitor personal information like your home title, Social Security Number, phone number and email address and alert you if it is being used to open an account. They can also assist you in freezing your bank and credit card accounts to prevent further unauthorized use by criminals. See my tips and best picks on how to protect yourself from identity theft.

Be careful of related scams via phone and email: Watch out for suspicious calls or emails that may be related to the scam as a result of you inadvertently revealing your personal information, such as an email or your phone number. Scammers often use various tactics to deceive you into divulging sensitive information. Once scammers have this information, they can use it to perpetrate further scams, such as phishing attempts or identity theft. Do not answer or click on any links or attachments. They may try to trick you into giving more information or money.

With life moving at the speed of life, it is hard to recognize a scam on Facebook, especially when you’ve been tagged on an emotional post by someone you know. But it pays to slow down before you respond to or click on Facebook posts pulling at your heartstrings.

Have you ever encountered a scam post like the one described in the article? How did you react? Let us know by writing us at Cyberguy.com/Contact.

For more of my tech tips & security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter.

Ask Kurt a question or let us know what stories you’d like us to cover.

Answers to the most asked CyberGuy questions:

Copyright 2024 CyberGuy.com. All rights reserved.

Read More 

[Fox News] How hackers are exploiting Windows SmartScreen vulnerability to spread malware

If you use a Windows computer, it’s time to update it yet again — before hackers get to you with the latest Windows malware threat. Phemedrone is an open-source malware that targets web browsers and data from cryptocurrency wallets and messaging apps such as Telegram and Discord. And, this time, it’s getting to ordinary Windows users simply by getting around antivirus via Windows SmartScreen.

If that sounded like a lot of jibber-jabber, let’s break down what this means exactly, how it works and what else you need to know so you don’t end up a victim of this clever malware scam.

CLICK TO GET KURT’S FREE CYBERGUY NEWSLETTER WITH SECURITY ALERTS, QUICK VIDEO TIPS, TECH REVIEWS AND EASY HOW-TO’S TO MAKE YOU SMARTER

Before we detail this specific threat, let’s talk about Windows SmartScreen. Windows SmartScreen is a cloud-based, anti-phishing and anti-malware component found in many Microsoft products, and it determines whether or not a website is potentially malicious to protect users from downloading harmful viruses to their devices. It does this by analyzing webpages and identifying suspicious behavior that could be indicative of malicious sites, apps and files that could be potentially downloaded.

It has several tactics that it uses to make this determination. Still, essentially, if and when it does, it will notify the user via Windows SmartScreen, showing you a warning on the page that lets you know whatever you’re about to do could be dangerous.

MORE: WATCH OUT FOR THIS NEW MALICIOUS RANSOMWARE DISGUISED AS WINDOWS UPDATES 

Unfortunately, a vulnerability in Windows Defender known as CVE-2023-36025 was discovered and exploited by hackers back in November 2023, allowing bad actors to sneak past Windows Defender SmartScreen. It did this by hosting the malicious URL — which was shortened to be less suspicious — on a trusted cloud provider, like Discord or Filetransfer.io, though didn’t mention exactly how users were tricked into doing it. After all, this is a sophisticated hack.

Windows recognized these to be safe, while hackers were able to turn off the prompt that would otherwise enable Windows SmartScreen to pop up. As long as someone clicked the URL, Windows SmartScreen didn’t see it as harmful and, therefore, did not give a warning to users.

What would happen after this is that the victim would unknowingly download a control panel item (.cpl) file from a command-and-control, which allows hackers to essentially communicate with and control the device that they’ve compromised. Once they’re in, they launch a PowerShell loader, which grabs a PDF ZIP file labeled “Secure.pdf.” But, that’s no secure PDF…that’s a sneaky file disguising the Phemedrone malware. Then, boom. It’s on your device. And this is what would happen next.

MORE: BEST DESKTOP COMPUTERS FOR 2024 | BEST LAPTOPS FOR 2024

The type of malware in this particular threat is known as Phemedrone, and no, it’s not the name of medicine — it’s a new open-source malware that has the main goal of stealing data stored in web browsers, funds from your cryptocurrency wallets and other data, including password managers like LastPass. It can even steal cookies, autofill data and browser data, as well as any other files and folders on your computer that the hacker wants access to.

And that’s not all. This malware is also capable of:

MORE: WHY THAT FREE WINDOWS DOWNLOAD COULD COST YOU MORE THAN YOU BARGAINED FOR

Now, the reason you’re here — to protect yourself. New threats are coming out every day as hackers become more savvy and find more loopholes to exploit. But, in the case of this specific threat, Windows patched it up already and introduced the protection in a software update. This means that all you need to do is keep up with your software updates on Windows to protect yourself, which you’d be surprised how many people forget to do or ignore altogether. These software updates are important in keeping you safe, not just from this threat, but any others that may come your way.

Additionally, remember not to open or click on any links or files that you don’t know to be legit. Of course, hackers find sneaky ways to convince you that a link can be trusted even when it’s malicious. But stick to downloading files and apps from trusted browsers and app stores, and think twice before clicking on links in messaging apps.

An effective antivirus software is a must-have. It’s the best to help stop and alert you of any malware in your system, warn you against clicking on any malicious links in phishing emails and ultimately protect you from being hacked. The best way to protect yourself from having your data breached is to have antivirus protection installed on all your devices. Having good antivirus software allows you to be resilient against growing attacks like Phemedrone malware by actively running on your devices. Get my picks for the best 2024 antivirus protection winners for your Windows, Mac, Android & iOS devices.

Well, the biggest takeaway from this is that you can never be 100% safe online. Even the tools that are meant to protect you — like Windows SmartScreen — can be exploited from time to time. So, stay vigilant and have good antivirus software running on all your devices.

When was the last time you did a software update? How do you decide when it’s time to perform an update? Let us know by writing us at Cyberguy.com/Contact.

For more of my tech tips & security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter.

Ask Kurt a question or let us know what stories you’d like us to cover.

Answers to the most asked CyberGuy questions:

Copyright 2024 CyberGuy.com. All rights reserved.

Read More