A phishing scam is spreading through Facebook Messenger that is tricking Facebook users into giving up sensitive information (and even money) under the belief they are signing up for some type of government financial relief scheme.
Imagine receiving a message over Facebook from a friend who – according to their excited messages – has just received a large lump sum of money from a government grant scheme, and they want you to do the same.
That’s the crux of the latest phishing scam to do the rounds on Facebook, with scammers hoping that the cost-of-living crises in the aftermath of the COVID pandemic and Ukraine war will prove sufficient to lure Facebook users into believing this scheme is the real deal.
It starts with an innocent message from a ‘friend’. “How have you been”? or something equally innocuous. But things soon start to turn sinister when that ‘friend’ begins telling you about a government program that, if you enrol, could land you with a cool payout of thousands…
just as soon as you click this link…
Of course, online, if it appears too good to be true, it probably is. And that is the case here. The government scheme isn’t real, and you’re not really talking to your Facebook friend. It’s an impostor who has taken control of their Facebook account.
Sponsored Content. Continued below...
And that link they send to you is likely to lead to three things (none of which will land you with a large payout.)
1. It will provide crooks the opportunity to try and steal your Facebook login details. Reports suggest that upon clicking the link, Facebook users are asked to enter their Facebook login details to proceed. But alas, entering those details and hitting submit will send those details to the crooks. And if you are not using two-factor-authentication (hint: you should be) then your own account is likely to start posting the same message to all of your friends.
2. It will allow crooks to try and harvest data about you. To “qualify” for the grant (which, of course, doesn’t exist) you’ll need to enter all sorts of potentially sensitive details about yourself. And any data about yourself that you enter will be sent to the crooks, potentially making you a ripe victim for identity fraud.
3. It will give crooks the opportunity to try and steal your money too. Some reports suggest that users who fell for this scam have also been asked to wire money to cover initial costs before receiving their much larger (and fake!) payout. This is called advance fee fraud – the promise of a large payout as soon as a smaller upfront cost is paid.
Sponsored Content. Continued below...
The scammers here are being clever, because they’re varying their messages a lot. They are using lots of different descriptions and acronyms with each scam. However most messages appear to be promoting some type of government relief or grant scheme that will payout thousands of dollars. Now, there are a variety of genuine government relief or grant schemes out there right now, depending on where you live. But NONE of them will use social media to try and enrol people, so if you’re getting messages urging you to sign up for something similar, you should be assuming it is a scam.
If you receive a message from someone on Facebook and it seems suspicious or involves visiting an external website, be sceptical. Always try and verify you are really speaking to your Facebook friend and not an impostor before clicking on any links.
If you’re ever asked to enter personal details or passwords, firstly, always verify the website you’re on. Is this a real website? Do I trust this website? Is the URL of this website legitimate? Should I do some research first or at least ask someone before entering my private information?
Finally, if you’re asked to send money in order to receive more money, don’t. That’s the classic hallmark of advance fee fraud. You’ll lose whatever money you send.
If you fell for the scam and clicked a link and entered your details, change your Facebook password immediately. If you gave away any sensitive financial information, contact the relevant financial institutions (e.g. your bank) and let them know what has happened.
Oh and one more thing – scams like these are a good reason to protect your Facebook account with two-factor-authentication so your account doesn’t wind up sending these same messages to all of your friends.