/ Money

Scam watch: passwords harvested by fraudster

A member of the public contacted us after following a link via Facebook Messenger to what they thought was a video. Have you been sent this scam?

A Facebook Messenger user received a message via the app that they thought was from a friend.

We’ve seen spoofed accounts requesting cash before, but this time they were sent a link to what looked like a video.

However, on clicking it, they were asked to log in to Facebook. When they did so, nothing happened, which raised concerns that they may have given away their login details to scammers.

They quickly changed their password, but by then the link had generated identical messages to the scam they’d clicked on, and sent it on to all of their Facebook friends.

Harvesting passwords

This left the user so nervous that they didn’t want me to share their name with Facebook when I was investigating on their behalf.

Without looking at their Facebook account, I can’t say exactly what happened in this case, but I can hazard an educated guess that a scammer is harvesting passwords, hoping that you’re recycling them on other sites.

If you’ve received this scam and you’re reusing the password (or versions of it) elsewhere, immediately reset it on those sites to something strong and unique.

You can follow our guide on creating secure passwords here. We recommend passphrases made of three random words, as these are hard to hack.

Strong security

Unique passwords are hard to remember, so it’s best to store them using a password manager program.

Safety tips from the National Cyber Security Centre

For extra security, you can enable two-factor authentication on Facebook and many other accounts.

This means you need to follow a second step – such as entering a one-time verification code – to gain access.

Lastly, you should frequently check your bank statement and credit report and query anything you don’t recognise.

Have you been sent this scam via Facebook Messenger? Have you seen it anywhere else? Let me know in the comments.

Em says:
26 May 2020

@Faye: Unique passwords are hard to remember, so it’s best to stop them using a password manager program.

Looks like a typo: store them maybe?

Thanks Em – fixed.

This sounds like an email virus I came across a few years ago.

A friend had an email from her daughter who insisted she hadn’t sent it to her.

What happened was the daughter had received an email from a friend that said something like check this out with a link to something that looked like a fashion website. She clicked on the link and another email was sent to everyone in her address book passing on the virus.

Hovering over the link and checking it out highlighted it was a virus.

Please don’t ask me how I know this, but spoofing login requests is one of the oldest tricks in the book.

If you use a password manager, does it make you more vulnerable in this kind of situation?

I’d hope that a good password manager would only release each stored password for a given url, so should not be easily tricked into revealing one’s passwords.

Anthony Adams says:
29 May 2020

I have found a simple answer to problems with things like Facebook and messenger. I have deleted my account. I never worked out how to use it anyway.

Terry says:
4 June 2020

This is the perfect answer to solve the trouble with Facebook & messenger but the last time I tried to escape (some years ago) it was, in fact, not possible.

Any tips on how to actually cut myself off from this evil monster??

I managed to delete a Facebook account years ago. It was straightforward but it took a couple of weeks to complete. I rejoined several years to promote the activities of a charity but have no Facebook Friends and you will not find any personal information about me. We recently posted a crowdfunding appeal for a charity on Facebook and have raised £1534 so far, which is useful as normal activities have been suspended during the coronavirus problem. If Facebook becomes a nuisance it will go, but at present the benefits outweigh the disadvantages for me.

Harold Smith says:
29 May 2020

I have two “cheap” computers. One for the internet etc. the other never connected once set up.
That one I use for my personal and business matters, the internet one for the usual internet purposes but no business is stored on it. Anything I wish to keep private or secure I transfer via USB memory sticks to the unconnected computer memories. It has been a very secure and reliable arrangement so far but have to be alert to the possibility of conveying a virus across via USB.

I was accused of sending an email message to a transgender person, and apparently the message was of a very risqué nature. I knew nothing about this message, but my whole family believed it was from me and to that end have stopped talking to me entirely. I have lost my daughter, my oldest son and came off Facebook completely thus losing touch with a lot of people who I worked with before retiring. I miss them all a lot. I talked to someone at Google, and they investigated. They have found 7 other people with the same email address as myself and I believe they must have spoken to them, because a lot of emails have stopped. However, one is still active and sent an email using my details about 3 weeks ago. Google caught it and pin pointed an address, (physical location some 50 miles away from me to the West. This all started in early September 2019 and I still have no family contact.

is this a scam I am having trouble logging into my account which I normally don’t have any problems?

Also scammers have been targeting game sites especially those that are free.for years I have used a patience game by Mobilityware.A sophisticated add came advertising the herbal remedy for ailments including back pain which I suffer from.There was a special offer which I though treasonable so accepted the offer paying with my credit card.Within seconds i received an e-mail with a receipt for over 200£s, I had no way of cancelling the sale because the site was fbogus.After some time the amount appeared on my credit card account,fortunately I had alerted the bank and tho the money had been paid to another fbogus account they have cancelled money on my card. Please alert Which members to be vigilant and not be enticed by sales adverts on these free games sites.

Joy Bell says:
29 May 2020

I also had the same problem and immediately sent a message on Facebook warning friends. I changed my password. I am also aware of friends who have had the same problem recently.

Laing says:
29 May 2020

I am pretty certain I got caught out by this and as a vulnerable person by age opened a secong Facebook Account by mistake. However it is all sorted now under my old Facebook under double security. My password seems to be very safe.
I am not absolutely sure that I have got rid of the second Facebook Account but I cannot see it now so that is fine. All is working OK but I do not use Facebook as often now. My passwords are all different and unique. Scammers have little to do with their time and certainly have no scruples. Waht happenns when they are caught?

I had a text asking me to contact Facebook or a link to a website. As I don’t do Facebook and didn’t recognise the website and simply deleted it.

Jenny Butler says:
31 May 2020

I’ve had several videos and messages sent by friends who normally do not contact me in messenger. I have asked them first before opening them and ignored them. I’ve changed my password. Several friends have had their FB account hacked and warned me on newsfeed. They have said it was difficult to fix.

A friend of mine asked me for a loan to allow him to pay some overdue bills, via FB messenger. As I thought it out of character, I asked him to confirm by text or email. I’m glad I did, as it turned out to be a hoax.
I never open links to videos in FB messenger and generally am very careful with whom I contact in this way.

Fraudsters can also hijack the e-mail addresses of your friends, relations and people you do business with in order to trick you into sending them money.

DeborahH says:
1 June 2020

Unfortunately I got caught by this too. Very cross with myself as co-incidentally I had spoken to my friend about an hour earlier and she was going to send me a legitimate link – instead it seems her account was hacked.

Yes I received the Video Facebook scam as a direct message from two people I know well and I don’t have an extensive list of Facebook friends. Before opening the message I emailed the people concerned and they confirmed it was not them. I will advise them to change their passwords now.

I found a new one and I did check when it can from. The junk mail was “you wining the place” and the mail was R.M.S .nl and you check google and it’s ERASMUS UNI ????????? Copenhagen?????
Nice one

nick says:
4 June 2020

Yes that’s exactly what happened to me. A point to note is that my defences were up when I got the video message, so I never looked at it. I even wrote to thye sender asking if it was meant for me. Days later when I went to look at a video my defences were down, something didn’t work and I put my facebook password in. I had a lot of trouble with facebook since, altering my password many times. I told all my fb friends to alter their fb passwords, but fb stopped me cos I was sending mutiple messages!
Now I have to clear all my tabs if I open something on fb, and it opens on my browser, fb asks me to log in for my home page, and won’t let me if I have a page open in the browser
No need to reply!

Peter says:
5 June 2020

I am always surprised that Which do not remind members that Password Managers like Dashlane are the real way forward. I have used them for years as they were actually suggested by GCHQ on the BBC some years ago. Just one Password to secure all the others Super Encrypted auto login JOB DONE

Dave Tharby says:
5 June 2020

Yes, three times in the last week. From two genuine contacts. Identical wording ” Hi, I’ve just seen you in this video, click to see it”. It then asks for your Facebook password then nothing. Beware.

linda barton says:
5 June 2020

I am not sure if I was scammed re my facebook, O had a similar message and put in my password