Urgent warning to Facebook users over ‘I can’t believe he’s gone’ scam that tricks you into downloading malware – here’s what to look out for

Australia
By William

Cybersecurity experts have issued an urgent warning to Facebook users over a new scam they have created the ‘I can’t believe he’s disappeared’ scam.

This emotionally manipulative scam tricks users into downloading malware, with messages with fake BBC branding and implying that a loved one has died.

Clicking on the linked message will take users to a compromised site designed to collect their personal information.

Marijus Briedis, cybersecurity expert at NordVPN, said: “If you come across unexpected or alarming messages, especially those about personal emergencies, take a moment to verify their legitimacy before clicking on a link.”

Here are the key signs to look out for to ensure you don’t fall victim to the scam.

Cybersecurity experts have urgently warned Facebook users over a new scam they’ve created the ‘I can’t believe he’s disappeared’ scam

This emotionally manipulative scam tricks users into downloading malware, with messages with fake BBC branding and implying that a loved one has died (stock image)

This emotionally manipulative scam tricks users into downloading malware, with messages with fake BBC branding and implying that a loved one has died (stock image)

The “I can’t believe he’s a scam” was first highlighted by cybersecurity researcher Pieter Arntz of Malwarebytes.

As Mr Arntz explained in a blog post, the scam consists of a message containing some variation of “I can’t believe he’s gone. I will miss him so much’ and a link.

If you follow the link you will be taken to another Facebook post with what appears to be a BBC news article about a fatal road accident.

This message will also contain slightly different text than the original, which reads: ‘I can’t believe this, I’m going to miss him so much.’

But while this message may seem legitimate at first glance, it is actually a fake link to a malicious website.

Mr Arntz writes: ‘The BBC news logo in the photo and the BBCNEWS part of the URL are clearly intended to gain your trust and suggest that it is safe to play the video.

‘In reality, you will be redirected to the link shown directly below the film. We found several variations of that URL. All composed like this: ‘BBCNEWS-{6 characters}.OMH4.XYZ’.’

As Mr. Arntz explained in a blog post, the scam consists of a message containing some variation of “I can't believe he's gone. I will miss him so much' and a link

As Mr. Arntz explained in a blog post, the scam consists of a message containing some variation of “I can’t believe he’s gone. I will miss him so much’ and a link

If you follow the link, you will be taken through several redirects designed to perform ‘fingerprinting’.

This is where sites collect information about your browser, location and other sites you have visited so that they can direct you to a site that is likely to generate profits for you.

Ultimately, you will be taken to a site filled with pop-ups that can lead to fraudulent sites, malware downloads, and potentially unwanted programs.

Cybersecurity experts say this scam is particularly dangerous because it aims to gain your trust.

The messages come from accounts that have been hijacked by hackers and therefore appear to come from someone the user trusts.

In a Reddit postone user explained how their aunt’s Facebook account had been hacked and was now sending hundreds of “I can’t believe he’s gone” messages.

Mr Briedis said: ‘Because you are led to believe that it is a friend posting the news, you are caught off guard and are less likely to doubt the authenticity of the apparently tragic news.

‘This also allows the scammers to successfully bypass Facebook’s spam filters.’

Then, by using what appears to be a video from a legitimate source, the scammers can convince users that the message is trustworthy.

To stay safe online, experts say to be wary of messages that try to create a sense of urgency. Check the URL carefully before clicking anything, and consider contacting the original poster via another platform to confirm the news directly with them (stock image)

To stay safe online, experts say to be wary of messages that try to create a sense of urgency. Check the URL carefully before clicking anything, and consider contacting the original poster via another platform to confirm the news directly with them (stock image)

To ensure you don’t get caught by this scam, Mr Breidis says you should take some simple steps.

If you see a post with alarming news, contact the person who posted the post instead of following the link.

Mr Breidis said: ‘Approach the friend involved in another way to confirm the authenticity of the message. Keep an eye out for unusual details in account profiles as they could indicate a compromised account.”

Be wary of messages that seem to create a sense of urgency; it is better to take some time to assess the situation for yourself.

If you think the post is legitimate, look for other news sources or search for the event yourself instead of following the link directly.

Mr. Breidis also advises users to carefully examine the URL or post they wish to follow.

If the URL is not for the website it claims to be, something dodgy is going on.

Finally, Mr. Briedis says to keep your browser up to date and stay on top of the latest scams.

Making sure that both you and your computer are well prepared for any potential scams is the best way to avoid unpleasant consequences while browsing online.

What should I do if I accidentally click on a scam link?

As scams become more sophisticated, it is not always possible to avoid clicking on every dodgy link.

What should you do if you realize you followed a scam link?

Close the website

  • The first thing you should do is close the website or video immediately.
  • The longer you stay on the site, the greater the risk of accidentally worsening the situation.
  • If you realize something is wrong, close the site immediately before entering any information or downloading anything.

Run a virus scan

  • If you have an antivirus program installed, you should run a virus scan after leaving the site.
  • Criminals may have installed malware programs such as Trojans or spyware on your device.
  • Make sure you do this quickly so you can catch malicious programs before they become a problem.

Improve your safety

  • After following something that seemed suspicious, you need to change your Facebook password.
  • If there’s a chance your account has been hacked, you can stay safe by resetting your password to a password you haven’t used before.
  • Enabling two-factor authentication is also one of the best steps you can take as it will prevent anyone else from logging into your account.

Watch for suspicious activity

  • If you think there’s a chance you’ve been compromised, it’s wise to be on the lookout for signs of trouble.
  • For example, if unusual posts appear on your Facebook that you didn’t post or if your other social media accounts start behaving strangely.
  • Also keep an eye on your bank accounts and any online payment systems you use to make sure nothing untoward happens.

You might also like More from author