A client of ours received a Facebook message directly from a relative. It contained a link supposedly with information about the death of a family member. The client clicked the link and "nothing happened."
Similar messages with emotionally charged content are sent every day. The goal of the scammers is to take control of your phone and your accounts, potentially accessing your bank funds or stealing your identity.
While nothing apparently happens when you click a bad link, your phone can be immediately compromised.
It can take days of effort over a period of months to recover from identity theft. So pay attention to the telltale signs of Facebook Messenger scams.
Scammers will appeal to our human desire to:
- Help a relative in need
- Appear generous
- Win “free money”
- Be loved and admired
- Avoid a penalty
- Keep access to a service
- ... and many more
By tricking one of your friends or relatives into clicking a link, a criminal can take over their account. Then the criminal sends messages or emails directly from the account to you and others who trust the apparent sender. That is what happened to our client.
Be suspicious of any message or email that triggers an emotional reaction and contains a link, especially short ones!
It is better to independently confirm that the person actually intended to send you a message. Use a communication method different from the one by which you received the message. Even then, you need be careful that the person's other communication services have not been compromised.
It makes sense to check your phone occasionally for signs that it has been hacked. Here are some of the potential telltale signs:
- New apps appear on your screen.
- You see records of calls or texts that you didn't send.
- Spammy pop-ups appear.
- Your phone is suddenly slower than before.
- Your data usage spikes.
How to Respond to Being HackedIf your phone has been hacked, take these steps right away:
- Go to a computer and change the passwords for all the accounts you access from your phone.
- Enable multi-factor authentication (MFA or 2FA) on all your important accounts if you haven't already done so.
- Back up your phone's data.
- Consider resetting your phone to remove everything and start over.
Resetting your phone and reinstalling your apps can be a time-consuming process. Nevertheless, you might be pleasantly surprised at much clutter you get rid of since you don't need to reinstall all the apps you may have accumulated.
The bottom line: Be careful about clicking links!