Cyber criminals now use messaging apps to harvest data – FBI

FBI agents have issued a warning about a new scam that targets instant messaging apps, including Facebook Messenger.

The scam attempts to trick users into opening a malicious link that harvests their personal data and login credentials for social networks, like Facebook.

In a bid to coerce people into opening the suspicious URL, cyber criminals pose a question to their targets: ‘Hey I saw this video. Isn’t this you?’

Although the original warning from the FBI highlighted Facebook Messenger as a particular platform of concern, this has since been amended after the scam was found on other rival platforms.

It’s unclear how many people have been hit by the latest scam, or how exactly cyber criminals are generating revenue.

However, email address and password combinations used to login to popular social networks and websites are regularly sold on the dark web.

The most common version of the scam highlighted by the FBI’s Portland office takes the user to a fraudulent website designed to resemble the Facebook login page.

The webpage is a fake controlled by a fraudster who is able to steal any details inputted by users mistakenly believing they’re logging into their Facebook account.

If people use the same email address and password combination on other websites, hackers can use the stolen details to login to those as well.

This can allow criminals access to online banking, or frequent flyer miles.

Other forms of the scam can be more direct in approach, taking targeted users to a page that automatically harvests their login credentials, the FBI warns.

According to the FBI staff member, they first witnessed the scam after they were contacted by a friend on Facebook Messenger.

‘The message included a video link and read: “Hey I saw this video. Isn’t this you?”,’ the FBI agent explained. ‘I was suspicious, so I didn’t click on the link.

‘The next day he contacted me outside of the app and said that fraudsters had hacked his account and to not click on any of the links that were sent because they contained a computer virus.’

Warning the public, the FBI said: ‘The best way to spot and avoid these scams is to avoid clicking on any links that you receive from friends or family until you contact the sender outside of app to verify that he was the one who really sent the message.

‘If you are concerned about the legitimacy of a particular account, report it through Facebook.’

What should you do if you think you have been scammed?

1. Contact the company or person who took your money – this could be fruitless if it’s a scam, but it should be your first port of call.

2. If you bought something costing £100 or more on a credit card, you may be able to claim it back under a little-known law: Section 75. Once you’ve paid using a credit card, the card provider and retailer are locked into a legally binding contract, so if the retailer can’t or won’t refund you, you can raise the dispute with your card provider.

3. If you can’t claim the money back via Section 75 you could try using the chargeback scheme. It’s a voluntary agreement by your debit or charge card provider to stand in your corner if anything goes wrong.

4. Unfortunately, if you’ve transferred the money using sites such as Moneygram, Western Union or PayPal, you generally can’t get your money back once you’ve handed it over. Source: Money Saving Expert.


About Delia Innoma

Delia Innoma is a prolific writer, promoter, artist manager with full professional proficiency in English, German and Igbo languages. She studied accounting and computer programming at the Institute of Management and Technology Enugu and Germany respectively. Delia is also a devoted mother of two and she founded the Diamond Celebrities Magazine. Her sense of responsibility and commitment to the Christian faith are essential forces driving her daily activities.

No comments yet... Be the first to leave a reply!

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: