Technology
Scammers are using fake news, malicious links to target you in an emotional Facebook phishing trap
Beware of a new scam that preys on your emotions on Facebook.
Scammers are hacking into people’s Facebook accounts, posting sad messages like “I can’t believe he’s gone,” and tagging you or other people to get your attention.
You might think they are mourning a loved one and want to offer your condolences, but don’t fall for it.
It’s a trick to make you click on harmful links that could compromise your security or privacy.
CLICK TO GET KURT’S FREE CYBERGUY NEWSLETTER WITH SECURITY ALERTS, QUICK VIDEO TIPS, TECH REVIEWS AND EASY HOW-TO’S TO MAKE YOU SMARTER
Fake news articles and links (Georgetown Police Department)
How scammers use fake news and fake emotions to steal your Facebook password
The scam starts with a post from someone you know that says, “I can’t believe he is gone. I’m gonna miss him so much.” The post has a link to a supposed news article or video, but it is actually a trap. If you click the link, you are taken to a fake web page that asks you to log in to Facebook. If you do, you are giving away your Facebook password to the scammers. There is no news article or video, only a clever way to steal your identity.
THIS FACEBOOK MESSENGER PHISHING SCAM IS STEALING MILLIONS OF PASSWORDS
The scammers use hacked Facebook accounts to spread these “I can’t believe he is gone” phishing links. The posts look like they are from your friends and relatives, which makes them hard to resist. If you fall victim to this scam, the scammers can use your Facebook account to post the same message to your contacts and lure more people into their scam.
Fake news article with video posted on Facebook (Reddit)
MORE: DON’T FALL FOR THAT “LOOK WHO DIED” FACEBOOK MESSAGE TRAP
How the ‘I can’t believe he’s gone’ scam works to trick you
The “I can’t believe he’s gone” Facebook scam is a clever scheme to trick you into clicking. Let’s analyze the mental and social techniques that make it so effective.
Pretends to be a friend
The scam post looks like it comes from one of your Facebook friends. But in reality, your friend’s account has been taken over or copied by a scammer. The familiar name and photo make it seem like a personal message. You are more likely to pay attention to shocking news from a friend than from a stranger.
Exploits your emotions with a sad story
The post starts with, “I can’t believe he’s gone, I’m gonna miss him so much.” This makes you think that the person has lost someone close to them. The emotional tone appeals to your sympathy, making you want to watch the video to find out what happened.
Uses a fake news headline to convince you
The fake headline from a reputable news source like CNN or BBC News gives the impression of authenticity. You are used to trusting major media outlets, so a headline from them seems reliable. This makes you believe that the tragedy is real.
Makes you curious to see more
The shocking post and article headline create a strong curiosity. Who died? How did it happen? You feel the need to watch the video for answers. This is exactly what the scammers want you to do.
Shows a video thumbnail to confirm your fears
The video thumbnail shows a car accident or another disaster that supposedly caused the death. You tend to trust what you see with your own eyes. This image makes the accident seem real and tangible.
Lowers your guard with a friend’s name
Seeing a friend share such sad news makes you less suspicious. Your first reaction is to offer support, not to doubt if it’s true. This trust in friends helps the scam avoid Facebook’s spam detection.
Takes you away from Facebook to steal your password
By sending you to an external site, the scam avoids any warnings you might get on Facebook. On Facebook, you can see where the links go before you open them. But these redirects hide the destination.
Woman on Facebook (Kurt “CyberGuy” Knutsson)
MORE: HOW TO PROTECT YOURSELF FROM SOCIAL MEDIA SCAMMERS
5 ways to protect yourself against phishing scams on Facebook
1) Don’t click the link: Make sure to hover your cursor above the link to see what it reads; usually, legitimate news sources have their names in the URL. It is best to go directly to the news source and search for the specific story you are looking to read.
2) Remember that people on Facebook get their accounts hacked all the time: Even if you are tagged, make sure you only open links from people you actually know well. And even before you do, look for changes in activity or behavior from the profile you are looking at.
3) Confirm with the friend: If you have doubts, contact the friend who posted the message to verify it. They probably didn’t know their account was used for a scam.
4) Look at the Comments: Often, other users will expose scams in the comments. Check if anyone is saying it’s a hoax or a breach.
5) Have good antivirus software on all your devices: Having antivirus software on your devices will make sure you are stopped from clicking on any potential malicious links that may install malware on your devices, allowing hackers to gain access to your personal information. Get my picks for the best 2024 antivirus protection winners for your Windows, Mac, Android & iOS devices.
MORE: GHOST-HACKING: HOW TO PROTECT YOURSELF FROM SCAMS FROM BEYOND THE GRAVE OF THOSE YOU KNEW
What to do if you click on the ‘I can’t believe he’s gone’ link?
Exit the fraudulent page or video immediately: Do not stay on the website or video that the link opened. The longer you are there, the more danger you face. Leave the page as soon as possible without entering any information or downloading anything.
Perform a malware scan with your antivirus software: Some redirects may secretly download or install malware such as viruses, Trojans, spyware and other harmful programs on your device. Use your antivirus software to scan for any malware and remove it before it causes any damage or steals any data.
Reset your Facebook password: Your Facebook account may have been hacked. To prevent further access by hackers on another device, go to Facebook’s security settings and change your password. Make sure it is different from your other passwords and hard to guess. Consider using a password manager to generate and store complex passwords.
Turn on two-factor authentication for Facebook: Two-factor authentication makes your Facebook account more secure. After resetting your password on another device, go to the two-factor settings on that other device and enable it. This means that you will need your password and another verification method, such as a code or biometrics, to log in.
Monitor your accounts for any unusual activity: Keep an eye on your social, financial and email accounts for any changes that you did not make. Hackers may use your Facebook account to break into other accounts linked to it.
Review your credit reports and freeze your credit: If you shared any personal information, you may be at risk of identity theft. Get your credit reports from Equifax, Experian and TransUnion and look for any accounts that you did not open. You may want to freeze your credit with each bureau to prevent criminals from opening new accounts in your name.
Use identity theft protection: Given the sneaky rise of Facebook phishing scams that use fake news and dodgy links to play on our emotions, it’s important to up our game in staying safe. That’s where identity theft protection comes into play. Identity theft protection companies can monitor personal information like your home title, Social Security Number, phone number and email address and alert you if it is being used to open an account. They can also assist you in freezing your bank and credit card accounts to prevent further unauthorized use by criminals. See my tips and best picks on how to protect yourself from identity theft.
Be careful of related scams via phone and email: Watch out for suspicious calls or emails that may be related to the scam as a result of you inadvertently revealing your personal information, such as an email or your phone number. Scammers often use various tactics to deceive you into divulging sensitive information. Once scammers have this information, they can use it to perpetrate further scams, such as phishing attempts or identity theft. Do not answer or click on any links or attachments. They may try to trick you into giving more information or money.
The word scam over a Facebook account (Kurt “CyberGuy” Knutsson)
Kurt’s key takeaways
With life moving at the speed of life, it is hard to recognize a scam on Facebook, especially when you’ve been tagged on an emotional post by someone you know. But it pays to slow down before you respond to or click on Facebook posts pulling at your heartstrings.
Have you ever encountered a scam post like the one described in the article? How did you react? Let us know by writing us at Cyberguy.com/Contact.
For more of my tech tips & security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter.
Ask Kurt a question or let us know what stories you’d like us to cover.
Answers to the most asked CyberGuy questions:
Copyright 2024 CyberGuy.com. All rights reserved.
Anthropic is making it easier to switch to its Claude AI from other chatbots with an update that brings Claude’s memory feature to users on the free plan, along with a new prompt and dedicated tool for importing data from other chatbots. These upgrades could allow users who have been using rivals like OpenAI’s ChatGPT or Google’s Gemini to quickly copy the data their preferred AI has collected on them and bring it over to Anthropic’s chatbot. That way, they don’t have to “start over” teaching Claude the context and history their previous chatbot already knows.
The option to import and export memories from Claude has been available since October, when Anthropic also rolled out the option for users to turn on Claude’s memory. Up until now, the memory feature was only available to users on paid Claude subscriptions, but now all Claude users can turn it on by going into “settings” then “capabilities.” This menu is also where users can find the new memory importing tool, which has users copy a pre-written prompt into their previous AI then copy the output from that prompt back into Claude’s importing tool.
Anthropic is introducing the upgraded memory importing tool as Claude is seeing a rise in popularity, driven by tools like Claude Code and Claude Cowork. Last month, Anthropic launched its new Opus 4.6 and Sonnet 4.6 models, which the company says are better at coding and completing complex tasks like working through a spreadsheet or filling out forms.
Anthropic has also been experiencing a spike in attention recently after pushing back against demands from the Pentagon to loosen the guardrails on its AI models, with the company stating publicly that they drew “red lines” around mass surveillance and fully autonomous lethal weapons.
NEWYou can now listen to Fox News articles!
You trust your email security settings for a reason. So when an AI assistant quietly reads and summarizes messages marked confidential, that trust takes a hit.
Microsoft says a bug in Microsoft 365 Copilot allowed its AI chat feature to process sensitive emails since late January.
The issue bypassed Data Loss Prevention policies that organizations rely on to protect private information. Put simply, emails that were supposed to stay locked down were being summarized anyway.
Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter
Microsoft 365 Copilot’s work chat interface sits at the center of the issue after a bug allowed it to summarize confidential emails. (Microsoft)
Microsoft 365 Copilot bug summarized confidential emails
Microsoft says a coding error impacted Microsoft 365 Copilot Chat, specifically the “work tab” feature. The AI assistant helps business users summarize content, draft responses and analyze information across Word, Excel, PowerPoint, Outlook and OneNote.
Beginning Jan. 21, an internal bug labeled CW1226324 caused Copilot to read and summarize emails stored in Sent Items and Drafts folders.
The real concern runs deeper. Several of those messages carried confidentiality or sensitivity labels.
Companies apply those labels along with DLP policies to block automated systems from accessing restricted content. Despite those safeguards, Copilot still generated summaries.
We reached out to Microsoft, and a spokesperson provided CyberGuy with the following statement:
“We identified and addressed an issue where Microsoft 365 Copilot Chat could return content from emails labeled confidential authored by a user and stored within their Draft and Sent Items in Outlook desktop. This did not provide anyone access to information they weren’t already authorized to see. While our access controls and data protection policies remained intact, this behavior did not meet our intended Copilot experience, which is designed to exclude protected content from Copilot access. A configuration update has been deployed worldwide for enterprise customers.”
Why the Microsoft 365 Copilot bug matters for data security
AI tools feel helpful. They save time and reduce busy work. But they also rely on deep access to your data. When safeguards fail, even temporarily, sensitive content can move in ways you did not expect.
YOUR PHONE SHARES DATA AT NIGHT: HERE’S HOW TO STOP IT
For businesses, that could mean:
Legal discussions summarized outside intended controls
Financial projections processed despite restrictions
HR communications are exposed to automated analysis
Even if no data leaves the organization, the bypass itself raises concerns about how AI integrates with enterprise security systems.
Business users rely on Copilot to streamline work, but a recent bug raised concerns about how it handles sensitive email content. (Microsoft)
How Microsoft is fixing the Microsoft 365 Copilot bug
Microsoft says it began rolling out a fix in early February. The company continues to monitor deployment and is contacting some affected users to verify the fix works.
However, Microsoft has not provided a final timeline for full remediation. It has also not disclosed how many organizations were affected.
The issue is tagged as an advisory, which usually signals limited scope or impact. Still, many security professionals will want deeper clarity before feeling comfortable.
What this Microsoft 365 Copilot issue reveals about AI security
This incident highlights something many companies are wrestling with right now. AI assistants sit inside productivity platforms. They need access to email, documents and collaboration tools to work well.
TIKTOK AFTER THE US SALE: WHAT CHANGED AND HOW TO USE IT SAFELY
At the same time, those platforms contain your most sensitive information. When AI features expand quickly, security policies must evolve just as fast. Otherwise, even a small code mistake can create unexpected exposure.
The Copilot chat feature was designed to boost productivity, yet a code error let it process emails labeled confidential. (Microsoft)
Ways to stay safe after the Microsoft 365 Copilot bug
If your organization uses Microsoft 365 Copilot, here are practical steps to reduce risk:
1) Review Copilot access settings
Work with your IT team to confirm which folders and data sources Copilot can access.
2) Revalidate DLP policies
Test sensitivity labels and DLP (Data Loss Prevention) rules to ensure they block AI processing as intended.
3) Monitor advisory updates
Stay current on Microsoft service alerts and verify that the fix is fully deployed in your tenant.
4) Limit AI scope during investigations
If you have concerns, consider temporarily restricting Copilot features until verification is complete.
5) Train employees on AI boundaries
Remind staff that AI assistants can process drafts and send messages. Encourage careful handling of sensitive content.
6) Audit Copilot activity logs
Review audit logs to see whether Copilot accessed or summarized labeled emails. This helps determine actual exposure rather than assumed risk.
7) Review sensitivity label configuration
Confirm that confidential labels are configured to block AI processing where required. Misconfigured labels can create gaps even after a bug is fixed.
8) Reassess retention and draft policies
Because the issue involved Sent Items and Drafts, evaluate whether sensitive drafts should be stored long-term or deleted after sending.
9) Limit Copilot to specific user groups
Instead of enabling Copilot organization-wide, consider a phased deployment to departments with lower sensitivity exposure.
10) Conduct a post-incident security review
Use this moment to reassess how AI tools integrate with compliance controls. Treat it as a learning opportunity rather than a one-time glitch.
Pro Tip: This Copilot bug centers on enterprise controls. Even so, AI tools operate on your devices and accounts, so keeping software up to date and using strong antivirus software adds an important layer of defense. Get my picks for the best 2026 antivirus protection winners for your Windows, Mac, Android & iOS devices at Cyberguy.com
Considering a more private email provider
Enterprise AI bugs raise a bigger question: how much access should email platforms have to your data in the first place? If you want an added layer of privacy beyond mainstream providers, privacy-focused email services are worth exploring.
Some offer end-to-end encryption, support for PGP encryption and a strict no-ads business model that avoids scanning messages for marketing purposes.
AI WEARABLE HELPS STROKE SURVIVORS SPEAK AGAIN
Many also allow you to create disposable email aliases, which can reduce spam and limit exposure if one address is compromised.
While no provider is immune to software bugs, choosing an email service built around privacy rather than data monetization can limit how much of your information is accessible to automated systems in the first place.
For individuals, journalists and small businesses especially, that added control can make a meaningful difference.
For recommendations on private and secure email providers that offer alias addresses, visit Cyberguy.com
Kurt’s key takeaways
AI assistants are becoming part of daily work life. They promise speed, efficiency and smarter workflows. But convenience should never outrun security.
This Copilot bug may have a limited impact. Still, it serves as a reminder that AI tools are only as strong as the guardrails behind them.
When those guardrails slip, even briefly, sensitive information can move in unexpected ways. As AI becomes more embedded in business software, trust will depend on transparency, fast fixes and clear communication.
Here is the real question: If your AI assistant can see everything you write, are you fully confident it respects every boundary you set? Let us know by writing to us at Cyberguy.com
CLICK HERE TO DOWNLOAD THE FOX NEWS APP
Sign up for my FREE CyberGuy Report Get my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter
Copyright 2026 CyberGuy.com. All rights reserved.
Related Article
Just days after showing off the Galaxy S26, Samsung is finally rolling out the ability for users to unlock their home with a tap of their phone or by simply approaching their door. The new feature, called Digital Home Key, will live inside Samsung Wallet and is powered by the Aliro smart home standard.
Samsung first teased its Digital Home Key feature in 2024 and said the feature would be available in 2025. That didn’t pan out, as the CSA’s Aliro standard — which will let users unlock smart locks with any phone — only arrived in February of this year. The new standard uses near-field communication (NFC) for its tap-to-unlock technology. It also supports ultra-wideband (UWB), giving users the ability to unlock their door as they approach and without pulling out their phone.
To add a Digital Home Key to your wallet, you’ll need to set up a compatible smart lock through SmartThings using Matter. Only some Galaxy smartphones support both NFC and UWB, including the Galaxy Z Fold 4 and up, as well as the Galaxy S22 Ultra and up. You can view the full list of compatible devices on Samsung’s website.
Boston police officials dominate the list of highest-paid city workers in 2025 – The Boston Globe
Denver bans federal law enforcement officers from covering their faces, DHS says it won’t comply
Joey Daccord makes 35 saves as Seattle Kraken earn 2-1 win over Hurricanes
Southern California’s Jewish community reacts to war in the Middle East
Check out these Milwaukee-area places to celebrate Pi Day on March 14
Florida High School Football Rankings: Top 25 teams – Oct. 21
Cleary's 21 help Le Moyne down Central Connecticut State 69-64 in OT
How old is Bo Nix? What to know about Oregon quarterback ahead of 2024 NFL Draft
99th annual Pony Swim held in Virginia
Indiana Members Credit Union announced as new anchor tenant at Bottleworks District
Trump sends official notification to Congress on strikes against Iran
Unexpected birth brings hope to near-extinct Amazon tribe
Supreme Court blocks redrawing of New York congressional map, dealing a win for GOP
Map: Earthquake Shakes Central California
Gas prices could jump as Middle East tensions threaten global oil supply
-
World5 days agoExclusive: DeepSeek withholds latest AI model from US chipmakers including Nvidia, sources say
-
Massachusetts6 days agoMother and daughter injured in Taunton house explosion
-
Denver, CO6 days ago10 acres charred, 5 injured in Thornton grass fire, evacuation orders lifted
-
Louisiana1 week agoWildfire near Gum Swamp Road in Livingston Parish now under control; more than 200 acres burned
-
Technology1 week agoYouTube TV billing scam emails are hitting inboxes
-
Politics1 week agoOpenAI didn’t contact police despite employees flagging mass shooter’s concerning chatbot interactions: REPORT
-
Technology1 week agoStellantis is in a crisis of its own making
-
Oregon4 days ago2026 OSAA Oregon Wrestling State Championship Results And Brackets – FloWrestling