‘Please send money scam’
An unknown account sends a message stating that he/she has been mugged. Descriptions of events seem accurate including real names and places. Finally, the sender requests a certain sum, which will enable him/her to return home safely.
Facebook has attributed such scams as ‘Please send money scams’. The sender’s account is either fake or has been taken over by cyber criminals. On receiving ‘please send money scam’ messages, Facebook advices to report/block the account.
Phishing is a common way to to hack account(s). Phishing links are sent within messages or through chats.
Phishing links through messages:
A message, which has scrambled words with funny fonts, is the first indication of a Phishing attack. Typo errors and misspelled words are other significant signs to look for. Such messages will be themed around offering gifts such as coins, jewels or any other artifacts. Finally, you will be asked to click on a link placed at the bottom of the message. Immediately report accounts who send such messages.
Phishing links in chats:
If any strange links appear while chatting, then beware. The account through which phished links appeared while chatting is probably compromised. Report the link immediately. However, doing so will not affect the account. Only the link will be considered for review by Facebook’s security team.
What to do if I had clicked on Phishing link accidentally?
If accidentally, a phishing link is clicked, go to password settings in your profile and change your password immediately. This will eliminate any Phishing threat. It is important to ensure that your new password is hard to crack.
Malicious Script Scam
Often you will come across Facebook applications requesting to copy a certain script and paste it in your browser. Such scripts are malicious in nature. For instance, some applications will provide a list of your profile visitors when the script is pasted in your browser. Apart from showing recent visitors, these applications send events and messages to your friend list. These applications and scripts should be avoided. A screenshot of one such application is shown below:
Occasionally, some emails will request to reset your password, give a warning or will be about notifications. These mails are so convincing that they appear to be from Facebook. A request to click at the link provided at the bottom of the message should alert you. To check the validity of the link, right click and copy it. Later paste it on a separate tab and make sure that the URL starts as www.facebook.com.
Note: Facebook, or any other safety conscious company, will never request your password through email.
Never click on links within suspicious notifications. For instance, you will receive a notification stating that you had requested a password reset albeit you never had requested. Other suspicious notifications include the ones notifying you of registration of a new Facebook account. With the help of your email provider, mark these mails as spam.
Cyber criminals are on the rise. It is your responsibility to safeguard your Facebook account. Next time you are using Facebook, be extra cautious.