Urgent warning to Facebook users over ‘I can’t believe he’s gone’ scam that tricks you into downloading malware – here’s what to look out for
Cybersecurity experts have issued an urgent warning to Facebook users over a new scam they have created the ‘I can’t believe he’s disappeared’ scam.
This emotionally manipulative scam tricks users into downloading malware, with messages with fake BBC branding and implying that a loved one has died.
Clicking on the linked message will take users to a compromised site designed to collect their personal information.
Marijus Briedis, cybersecurity expert at NordVPN, said: “If you come across unexpected or alarming messages, especially those about personal emergencies, take a moment to verify their legitimacy before clicking on a link.”
Here are the key signs to look out for to ensure you don’t fall victim to the scam.
Cybersecurity experts have urgently warned Facebook users over a new scam they’ve created the ‘I can’t believe he’s disappeared’ scam
This emotionally manipulative scam tricks users into downloading malware, with messages with fake BBC branding and implying that a loved one has died (stock image)
The “I can’t believe he’s a scam” was first highlighted by cybersecurity researcher Pieter Arntz of Malwarebytes.
As Mr Arntz explained in a blog post, the scam consists of a message containing some variation of “I can’t believe he’s gone. I will miss him so much’ and a link.
If you follow the link you will be taken to another Facebook post with what appears to be a BBC news article about a fatal road accident.
This message will also contain slightly different text than the original, which reads: ‘I can’t believe this, I’m going to miss him so much.’
But while this message may seem legitimate at first glance, it is actually a fake link to a malicious website.
Mr Arntz writes: ‘The BBC news logo in the photo and the BBCNEWS part of the URL are clearly intended to gain your trust and suggest that it is safe to play the video.
‘In reality, you will be redirected to the link shown directly below the film. We found several variations of that URL. All composed like this: ‘BBCNEWS-{6 characters}.OMH4.XYZ’.’
As Mr. Arntz explained in a blog post, the scam consists of a message containing some variation of “I can’t believe he’s gone. I will miss him so much’ and a link
If you follow the link, you will be taken through several redirects designed to perform ‘fingerprinting’.
This is where sites collect information about your browser, location and other sites you have visited so that they can direct you to a site that is likely to generate profits for you.
Ultimately, you will be taken to a site filled with pop-ups that can lead to fraudulent sites, malware downloads, and potentially unwanted programs.
Cybersecurity experts say this scam is particularly dangerous because it aims to gain your trust.
The messages come from accounts that have been hijacked by hackers and therefore appear to come from someone the user trusts.
In a Reddit postone user explained how their aunt’s Facebook account had been hacked and was now sending hundreds of “I can’t believe he’s gone” messages.
Mr Briedis said: ‘Because you are led to believe that it is a friend posting the news, you are caught off guard and are less likely to doubt the authenticity of the apparently tragic news.
‘This also allows the scammers to successfully bypass Facebook’s spam filters.’
Then, by using what appears to be a video from a legitimate source, the scammers can convince users that the message is trustworthy.
To stay safe online, experts say to be wary of messages that try to create a sense of urgency. Check the URL carefully before clicking anything, and consider contacting the original poster via another platform to confirm the news directly with them (stock image)
To ensure you don’t get caught by this scam, Mr Breidis says you should take some simple steps.
If you see a post with alarming news, contact the person who posted the post instead of following the link.
Mr Breidis said: ‘Approach the friend involved in another way to confirm the authenticity of the message. Keep an eye out for unusual details in account profiles as they could indicate a compromised account.”
Be wary of messages that seem to create a sense of urgency; it is better to take some time to assess the situation for yourself.
If you think the post is legitimate, look for other news sources or search for the event yourself instead of following the link directly.
Mr. Breidis also advises users to carefully examine the URL or post they wish to follow.
If the URL is not for the website it claims to be, something dodgy is going on.
Finally, Mr. Briedis says to keep your browser up to date and stay on top of the latest scams.
Making sure that both you and your computer are well prepared for any potential scams is the best way to avoid unpleasant consequences while browsing online.