I didn’t want to admit this, but I guess I have to tell my shameful story to kick off this post. On Friday morning, I almost fell victim to a stupid online scam. The kind of scam I warn older relatives to look out for – you know, because they aren’t as tech savvy as me. Yeah, not my finest hour. But in my defense, scammers have gotten a lot more sophisticated. This looked pretty legit.
Here’s how it happened. I get a message from “Facebook” via the app on my phone:
24 hours and my account is cancelled? Ummm, no thank you! How will I live in a Facebook-free world?!? I’ve spent the last nine years wasting time on this platform. In a panic, not really paying attention to all the details of the message, I click the link – and am brought to a landing page that looks all too official:
And I think, wow, is this really happening? Until I look closer. Wait, why does Facebook need my email password? And this URL doesn’t look right…
Yep. That’s not even a Facebook URL. And when I click on the user who sent me this Facebook message…
…I see that it’s not Facebook at all but rather the profile of a friend of mine from home, complete with photos of her kids, that has been hacked by some creepy Facebook phishers. I’ve been duped.
So, now that I’ve got that embarrassing story off my chest, let’s get down to what I learned and how others can recognize and avoid Facebook scams. I’ve pulled together a few items to beware of when it comes to Facebook security.
- Always check the URL. If it’s a true Facebook page, it will live on Facebook.com. End of story.
- Facebook will never ask you for personal information. This includes your account password or other passwords, credit card information, or social security number.
- Facebook will never send you a message claiming that your account will be deleted or locked unless you take immediate action. Instead, they might alert you if they notice suspicious activity on your account but this would almost always happen on login.
- Avoid anything that looks suspicious. Misspellings, typos, and weird fonts or characters are a pretty good indication that something fishy is going on.
Once you’ve identified suspicious activity, it’s smart to report it. First – change your password right away. Better safe than sorry.
Then, report the suspicious activity to Facebook:
Also, let your Facebook friend know that their account has been compromised – contacting them outside of Facebook in case they’ve lost access to their account.
Have you seen any suspicious activity on Facebook? Let us know – tweet us at @451Heat!