Search

Don't let "guess who's dead" Facebook scams kill your account!

Facebook users should be on the lookout for suspicious messages sent via Facebook Messenger asking them to click a link to “see who just died”.


Cyber villains are constantly looking for different ways to entice Facebook users into clicking links they really shouldn’t be clicking; links that lead to spoof or malicious websites.


The latest scam sees a recipient receive a message purporting to be from someone they know on Facebook trying to gently persuade them to click a link with the lure of “look who just died, I think you might know him”. See an example below.



The message is likely to pique the curiosity of the recipient due to its emotive nature, and that’s the point of the scam. It’s designed to trick the recipient into clicking the link, and because it appears to have been sent by a friend, it may seem just that little bit more convincing.


Meanwhile the “sender” is unaware a message has been sent “by them”. Speaking to one victim who wishes to remain anonymous, they said:

“I’m not sure what happened. I looked at my phone and on Facebook Messenger I had about 100 messages from people who had told me they had tried to open the link I’d sent but couldn’t, and others who saw the signs of a scam and messaged me to tell me I may have been hacked.
I was still able to use my account to warn people I had been hacked, but I have no idea how this message was sent from ‘me’. I changed my password and it seems ok now”.


Facebook is awash with adverts, promotions and fun quizzes, some of which could contain malware which, when opened, could infect your account and may send out these types of messages.


Be careful when interacting with pages or accounts you are not following, are unfamiliar with and do not know the origin of. Don’t click on anything you don’t know. More on this here: Why It's Dangerous To Answer "Fun" Questions On Social Media! - PCS (helpmepcs.com)


Any recipient who clicks the link within these rogue messages could potentially grant the scammer access to their Facebook account, allowing them to hack the account and possibly plant malware.


People have also reported that their account “turned to garbage” after clicking the link. Others had to reset their password and security settings and in some cases users had to delete their account entirely.


Previous iterations of this same scam have spread across Messenger. Some messages would claim the recipient appears in a video, or simply state: “look what I found“. Both using curiosity as the hook.


All of these scams have been associated with both phishing and malware. If you receive a message that you think looks suspicious or do not trust, ignore and block the account if you don't know the person. If you do know the person, contact them outside of Facebook and let them know their account has been compromised and they should change their password and review their privacy and security settings. Setting up two-factor authentication (2FA) is encouraged, too.


See our blog on this topic: 23m people used 123456 as a password.

 

Reporting

Report all Fraud and Cybercrime to Action Fraud by calling 0300 123 2040 or online. Forward suspicious emails to report@phishing.gov.uk. Report SMS scams by forwarding the original message to 7726 (spells SPAM on the keypad).

 

The contents of blog posts on this website are provided for general information only and are not intended to replace specific professional advice relevant to your situation. The intention of East Midlands Cyber Resilience Centre (EMCRC) is to encourage cyber resilience by raising issues and disseminating information on the experiences and initiatives of others. Articles on the website cannot by their nature be comprehensive and may not reflect most recent legislation, practice, or application to your circumstances. EMCRC provides affordable services and Trusted Partners if you need specific support. For specific questions please contact us by email.

 

EMCRC does not accept any responsibility for any loss which may arise from reliance on information or materials published on this blog. EMCRC is not responsible for the content of external internet sites that link to this site or which are linked from it.