Technology
When a Facebook friend request turns into a hacker’s trap
Are you as fed up as I am with the seemingly endless number of scams flooding Facebook? You know, the ones I’m talking about — the messages that make you stop and think, “Is this for real?”
Whether you’re new to Facebook or you’ve been scrolling for years, these scams can catch anyone off guard. But don’t worry.
I’ve got your back with some great tips to keep your Facebook account (and your sanity) safe. By the time we wrap this up, you’ll be well-prepared to spot these digital fraudsters from a mile away.
GET SECURITY ALERTS, EXPERT TIPS – SIGN UP FOR KURT’S NEWSLETTER – THE CYBERGUY REPORT HERE
A real-life Facebook scam story
Before we dive in, let me share a recent email I received from Cheryl in Buna, Texas. Her experience highlights just how sneaky these scammers can be:
“I had a hacker tell me, posing as a friend, that they received another friend request from me on Facebook. The hacker then, posing as a friend, told me they had had this problem and gave me a contact number for the Facebook official who had helped them. I called the number, but the hacker had limited information about me because a red flag was raised eventually. The hacker got access to my email, which I’ve had for 20 years, and had all kinds of confidential information in it.”
Cheryl’s story is a perfect example of how these scams can unfold. Let’s break it down and learn how to protect ourselves.
SCAMMERS EXPLOIT GRIEF WITH FAKE FUNERAL STREAMING ON FACEBOOK
The cloned account ruse
Scammers frequently initiate their schemes by posing as a friend through a cloned account. They may claim that they have received a duplicate friend request from you, creating the illusion that your account has been compromised. This tactic is designed to instill a sense of urgency and panic, prompting you to act without thinking.
In Cheryl’s case, the scammer, masquerading as her friend via a cloned account, provided a phone number for a supposed “Facebook official.” This is a classic maneuver intended to gain your trust and lower your defenses. The scammer provided the phone number as part of a deceptive strategy, claiming it was for a “Facebook official” who could help resolve an alleged security issue with Cheryl’s account.
This tactic creates urgency and trust, prompting victims to act quickly without verifying the information. Cheryl called the number because she felt compelled to address what she believed was a serious issue regarding her account security. Scammers often exploit such feelings of urgency, making victims more likely to engage without proper caution. It’s crucial to remember that Facebook will never ask you to call a number for assistance with your account.
When Cheryl called the number, the scammer attempted to extract personal information from her. Fortunately, she recognized some red flags and remained cautious. However, the hacker still managed to access her email, which contained years of sensitive information. Always be vigilant when receiving unexpected friend requests or messages from friends because they may not be who they claim to be.
Double-check before accepting
When faced with such a request, follow these steps:
- Don’t accept immediately: Resist the urge to automatically approve the request, even if it appears to be from a close friend or family member.
- Contact the person directly: Reach out to your friend through a different communication channel, such as a phone call, text message, or email, to verify if they’ve actually sent you a new friend request.
- Compare profiles: If possible, compare the new profile with the existing one. Look for discrepancies in photos, information or recent activity.
- Check mutual friends: A cloned account is unlikely to have the same mutual friends as the original profile.
Potential risks
If you accept a friend request from a cloned account, the scammer may:
- Send malicious links or attachments
- Request money or personal information under false pretenses
- Exploit your trust to scam others in your network
Reporting suspicious activity
If you confirm that the request is from a cloned account:
- Report the fake profile to Facebook immediately
- Inform your friend about the cloned account
- Alert your mutual friends to be cautious of any suspicious requests or messages
CLONED ON FACEBOOK? HERE’S HOW TO TAKE BACK CONTROL
Getting back on track
Recovering compromised Facebook accounts can be a hassle. Cheryl mentioned in her email to us that it took her a while to regain access to her Facebook and email. This is often the case, as scammers may change login information or enable two-factor authentication to lock you out. However, I have a step-by-step guide on how to recover a hacked Facebook account.
Once you’ve recovered your Facebook account, I recommend that you make it private and add two-factor authentication. Here’s how you can go about that process.
HOW TO REMOVE FACEBOOK ACCESS TO YOUR PHOTOS
How to spot Facebook scams
To avoid falling victim to these scams, keep an eye out for these red flags:
1. Generic greetings in messages: Legitimate Facebook communications will address you by name. If you receive a message starting with “Dear User” or “Hello Facebook Member,” it’s likely a scam.
2. Vague claims of suspicious account activity: Scammers often use vague language about account violations or suspicious activity without providing specific details. Real Facebook notifications would include more precise information.
3. Requests for personal information via email or text: Facebook will never ask for your password or sensitive personal information through unsolicited messages. Any such request is a clear sign of a scam.
4. Demands for payment to recover an account: Facebook doesn’t charge for account recovery. If you’re asked to pay a fee to regain access to your account, it’s definitely a scam.
5. Threatening language or messages with poor grammar: Scammers often use urgent or threatening language to pressure you into action. Additionally, legitimate Facebook communications are professionally written, so poor grammar or spelling errors are red flags.
6. Links to websites not associated with Facebook: Be wary of links that don’t lead to official Facebook domains. Hover over links to check their destination before clicking, and avoid clicking on any link that seems suspicious or unfamiliar. The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe. Get my picks for the best 2024 antivirus protection winners for your Windows, Mac, Android & iOS devices.
WHAT IS ARTIFICIAL INTELLIGENCE (AI)?
Steps to protect yourself from social media scammers
Here are some steps you need to be aware of so that you can protect yourself from social media scammers.
Beware of friend requests from familiar faces with whom you are already connected: These requests may be from scammers who are trying to impersonate your real friends and trick you in some way. Before you accept any friend request, always check the profile and compare it with the one you already have.
Have strong passwords: Using the same password across multiple platforms will always make you more vulnerable because if one account gets hacked, they all get hacked. Consider using a password manager to generate and store complex passwords for your social media accounts. A password manager will also help you keep track of all your passwords.
Evaluate the source of the link before clicking it: If it is an unknown website or news source, be cautious. Scammers may use phishing links in DMs, emails, posts or text messages to infect your device with malware or capture your login credentials.
Install strong antivirus software: Having reliable antivirus software is crucial. If a cloned friend sends you a link, your antivirus can help prevent malware infections by scanning links and files before you click on them. This added layer of protection can alert you to potential threats, ensuring your device remains secure.
The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe. Get my picks for the best 2024 antivirus protection winners for your Windows, Mac, Android & iOS devices.
Be careful of anyone asking you for money, even if they claim to be a friend or family member: Scammers may try to impersonate someone you know to trick you into sending them money or personal information.
Closely evaluate sensational claims such as for a cure or treatment, a great prize or gift card or a job offer that sounds too good to be true. Scammers may use these tactics to lure you into giving them your personal information or paying them a fee.
Watch out for posts with poor spelling and grammatical mistakes: These may indicate that the post is not from a legitimate source.
Watch out for sparse profiles: Scammers often create sparse profiles to impersonate someone else or to lure you into giving them information. They may use a photo of a celebrity, a friend or a stranger that they found online. They may also use a name that sounds familiar or appealing. However, if you look closely at their profile, you will notice that they have no other details or activity on their social media.
Limit what you share about yourself online: Scammers may use your personal details, photos and videos to create fake social media accounts and impersonate you. Scammers can also use this information to steal your identity or access your online accounts.
Report fake social media accounts whenever you find them: if you suspect a fake account, report it to the social media platform and warn your friends about it. You can also block or unfriend people who send you suspicious messages or requests.
Remove your personal information from the internet: This is crucial because Facebook scammers often use publicly available information to make their schemes more convincing. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web.
While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren’t cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet.
By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with the information they might find on the dark web, making it harder for them to target you. Check out my top picks for data removal services here.
WARNING OVER NEW FACEBOOK AND APPLE EMAIL SCAMS DUELING FOR YOUR ATTENTION
If you suspect you’re a victim of a social media scammer
If you suspect you’re a victim of a social media scammer, you need to take urgent action immediately. Here are some immediate steps to take:
Secure your account: Immediately change your password to lock potential hackers out. If you’re locked out of your account, contact Facebook’s support immediately to recover it.
Inform your contacts: Alert friends and family so they’re aware and won’t be duped by messages or requests coming from your compromised account.
Monitor account activities: Keep an eye on your active sessions, messages sent and any changes made to your account. Any unfamiliar activity should be reported and reversed.
Seek expert help: If you believe your personal information, such as financial data or other sensitive details, has been compromised, consider reaching out to cybersecurity professionals or services that can guide you on further recovery and protection steps.
Use identity theft protection: Social media scammers are constantly looking for ways to steal your personal info and use it for their own benefit. They may send you phishing emails, fake friend requests or malicious links that can compromise your online security.
Theft protection companies can monitor personal information like your home title, Social Security number, phone number and email address and alert you if it is being sold on the dark web or being used to open an account. They can also assist you in freezing your bank and credit card accounts to prevent further unauthorized use by criminals.
One of the best parts of using some services is that they might include identity theft insurance of up to $1 million to cover losses and legal fees and a white glove fraud resolution team where a U.S.-based case manager helps you recover any losses. See my tips and best picks on how to protect yourself from identity theft.
Kurt’s key takeaways
Remember, Facebook and other legitimate organizations will never ask for your password or personal information through unsolicited messages. If you’re ever in doubt, contact Facebook directly through its official help center. By staying informed and skeptical, you can keep your Facebook experience fun and scam-free. Always verify before you trust, use official channels for support and keep your personal info under wraps.
What experiences have you had with Facebook scams, and how did you handle them? Let us know by writing us at Cyberguy.com/Contact
For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter
Ask Kurt a question or let us know what stories you’d like us to cover
Follow Kurt on his social channels
Answers to the most asked CyberGuy questions:
New from Kurt:
Copyright 2024 CyberGuy.com. All rights reserved.
Technology
The best Cyber Monday robot vacuum deals you can get from iRobot, Roborock, and more
Robot vacuums are on sale all the time. But this holiday shopping weekend, there have been some fairly significant price drops, which are rolling over from Black Friday into Cyber Monday. These include rarely reduced flagship models like Roborock’s S8 MaxV Ultra and iRobot’s Combo 10 Max. If you’ve been holding out on trying the latest and greatest, now is a good time to dive in.
Deep discounts are also available on some of our favorite midrange and budget bots from Shark and Eufy, and iRobot is slashing prices on its entire line. Read on for our rundown on the best deals on robotic floor cleaners this holiday shopping weekend.
Update, December 1st: Adjusted to reflect current pricing/availability for Cyber Monday and added new deals, including the Roborock Q8 Max Plus.
Technology
9 ways scammers can use your phone number to try to trick you
Scammers have various methods when it comes to getting their hands on your phone number. You might think, “Well, what’s the big deal? Isn’t it easy to find someone’s number these days, no matter what?” Yes. And if you’ve already had your fair share of telemarketers call you, maybe you feel like you’ve got it under control.
The problem is that scammers with the right knowledge and the wrong intentions can wreak havoc just by having your phone number in their possession.
Once they do, they can use it to trick you in all sorts of ways.
The good news is that by familiarizing yourself with their tactics, you can be one step closer to preventing yourself from falling victim to them. Here’s what you need to know.
2 DAYS LEFT! I’M GIVING AWAY A $500 GIFT CARD FOR THE HOLIDAYS (Ends 12/3/24, 12 pm PT)
9 ways you can get scammed if your phone number falls into the wrong hands
In today’s digital age, your phone number is more than just a way for friends and family to reach you. It can be a gateway for scammers to access your personal information and wreak havoc on your life. From phishing attempts to extortion, the risks are numerous and varied. Here are nine ways scammers can exploit your phone number if it falls into the wrong hands:
1. Phishing for other personal information
Scammers can also use your phone number to launch rather easy phishing attacks. They might send text messages or make calls posing as your bank or a popular online service that you subscribe to. The goal is to call you and trick you into providing login credentials, credit card details or other personal information, which they can then use for fraudulent activities. And once they have all your other information, they can do a lot more damage just by having your phone number as that initial segue.
2. Extortion and blackmail
In some cases, scammers use your phone number for extortion or blackmail. They may claim to have compromising information about you and demand payment to keep it private. By contacting you directly, they can apply continuous pressure, making their threats seem more real and immediate.
One unique way they do this to target elderly people is by pretending to be your grandchild or another relative in distress. The scammer often claims that your grandchild is in an emergency situation — such as needing bail money or medical assistance — and urgently requests financial help. With AI voice cloning technology, they may even be able to use your grandchild’s voice. This emotional manipulation usually gets the victim to pay up.
3. Robocalls and spam messages
This one may not be as dramatic, but your phone number can be sold to robocall and spam message services. These automated systems bombard you with unwanted calls and texts, often promoting scams or fraudulent products. While these may seem like minor annoyances, they can lead to bigger scams if you engage with the messages or follow their instructions. Hang up on them.
HOW TO STOP ANNOYING ROBOCALLS
4. Phone number spoofing
Phone number spoofing is a common tactic where scammers disguise their caller ID to appear as a trusted contact by calling from what appears to be a familiar number as it may have the same area code where you live, an area code where your friends or family live or even the actual phone number of someone close which you can recognize.
This makes it more likely that you’ll answer the call, giving them the opportunity to deceive you into revealing personal information or transferring money. This is, of course, the case when phone spoofing is used against you. But in situations where they use YOUR phone number, they can be scamming those close to you without you even knowing!
5. Impersonating government agencies
With these phone spoofing tactics, scammers can use your phone number to impersonate government officials, such as IRS agents or Social Security administrators. They may call you claiming there’s an urgent issue, like unpaid taxes or suspicious activity involving your Social Security number. This ploy often involves threats of legal action or arrest to pressure you into providing sensitive information or making immediate payments.
6. Calling about fake unpaid invoices
Instead of pretending to be from a government agency, another trick is for scammers to try their luck by posing as a representative from a utility company, like an electric or water company. Scammers will claim that you have an overdue invoice and threaten to cut off your service unless you pay immediately. Using your phone number, they can contact you repeatedly, making the scam seem more legitimate (and pressing).
7. SIM swapping/phone rerouting
SIM swapping or a port-out scam is when scammers transfer your phone number to a new SIM card in their possession. By convincing your mobile carrier to reroute your number, they can receive all your calls and messages, including those containing two-factor authentication codes. This allows them to bypass security measures and take over your online accounts.
WHAT IS ARTIFICIAL INTELLIGENCE (AI)?
8. Stealing your sensitive data
With SIM swapping techniques/port-out, scammers can also use your phone number as a key to access sensitive data stored in your online accounts. By initiating password resets and intercepting verification codes sent via SMS, they can gain unauthorized access to your email, social media and banking accounts, leading to significant personal and financial damage.
9. Setting up fake online accounts
Finally, scammers can use all the tactics above to not only access the accounts you already have but also create fake online accounts in your name. These accounts can be used for a variety of malicious purposes, such as spreading malware, launching further scams or conducting identity theft. The presence of your phone number makes these accounts appear more legitimate, increasing the chances of deceiving others.
10 SIMPLE STEPS TO IMPROVE YOUR SMARTPHONE’S SECURITY AND PRIVACY
How to protect yourself from these scams
To protect your phone number from falling into the hands of scammers, here’s what you can do:
1. Be cautious about sharing your phone number publicly: Avoid posting your phone number on public forums, websites or social media platforms where it can be easily accessed by scammers.
2. Limit exposure of your phone number on social media and other online platforms: Use privacy settings to restrict who can see your contact information. Most social media platforms and online services offer privacy settings that allow you to control who can view your personal information. Make sure to review and adjust these settings regularly. Only share your phone number with trusted contacts.
3. Consider using a secondary number for online registrations and transactions: Services like Google Voice can provide you with a secondary number that you can use for online activities, keeping your primary number private.
4. Monitor your accounts regularly for unusual activity: Check your bank accounts, email and other online accounts for any signs of unauthorized access or suspicious activity.
5. Have strong antivirus software: The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.Get my picks for the best 2024 antivirus protection winners for your Windows, Mac, Android and iOS devices.
6. Use two-factor authentication apps instead of SMS-based verification where possible: Two-factor authentication (2FA) provides an extra layer of security that is more difficult for scammers to bypass compared to SMS-based verification.
7. Use an identity theft protection service: Identity theft companies can monitor personal information like your Social Security number, phone number and email address and alert you if it is being sold on the dark web or being used to open an account. They can also assist you in freezing your bank and credit card accounts to prevent further unauthorized use by criminals.
One of the best parts of using some services is that they might include identity theft insurance of up to $1 million to cover losses and legal fees and a white glove fraud resolution team where a U.S.-based case manager helps you recover any losses. See my tips and best picks on how to protect yourself from identity theft.
8. Remove your personal information from the internet: While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren’t cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with the information they might find on the dark web, making it harder for them to target you. Check out my top picks for data removal services here.
If scammers already have your phone number
If you suspect that scammers already have your phone number, take the following steps:
Contact your mobile carrier to alert them of the scam calls, especially if they come from the same number. Your carrier may be able to block the number or provide additional security measures.
Consider changing your phone number if the issue persists: If scam calls continue despite your efforts, changing your phone number may be the best solution.
Report any suspicious activity to the appropriate authorities: Contact your local law enforcement or consumer protection agency to report scams and seek advice on further actions.
Consider placing fraud alerts on your accounts: Fraud alerts can help protect your credit and financial accounts from unauthorized access.
Monitor your phone for unusual calls or messages: Keep an eye out for any unexpected calls or messages, and do not respond to them.
Check your phone bill for unauthorized charges: Regularly review your phone bill to ensure there are no unexpected charges, which could indicate that your number has been used fraudulently.
By following these steps, you can significantly reduce the risk of falling victim to phone number scams and protect your personal information.
RECLAIM YOUR PRIVACY BY DISABLING YOUR CELL PHONE CARRIER’S DATA TRACKING
Kurt’s key takeaways
Scams have become much more sophisticated these days, especially with artificial intelligence, making it easier for scammers to target more people and get away with it. Always be wary of a scam. If you think something seems strange, it’s probably best to go with your gut.
Have you ever experienced a scam involving your phone number? If so, how did you handle it? Let us know by writing us at Cyberguy.com/Contact
For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter
Ask Kurt a question or let us know what stories you’d like us to cover
Follow Kurt on his social channels
Answers to the most asked CyberGuy questions:
New from Kurt:
Copyright 2024 CyberGuy.com. All rights reserved.
Technology
Elon Musk targets OpenAI’s for-profit transition in a new filing
In a new motion filed late Friday in his lawsuit against OpenAI, Elon Musk’s attorneys have asked for a preliminary injunction to stop OpenAI from transitioning to a for-profit enterprise, reports TechCrunch. They also asked the judge to forbid the company from continuing alleged practices that they say violate US antitrust laws.
Musk’s lawyers claim that because of CEO Sam Altman’s alleged self-dealing, OpenAI “will likely lack sufficient funds to pay damages” if Musk wins the suit. The motion follows reports of OpenAI’s intent to become a for-profit business and that it recently began early talks with regulators to move its structural change forward.
As for antitrust claims, Musk’s lawyers allege that OpenAI and Microsoft “told investors not to fund their mutual competitors,” which they say violates the Sherman Act. And they claim that Musk “verified that at least one major investor” that had previously contributed to an xAI funding round has since “declined to invest in xAI.”
They also allege that OpenAI benefits from “wrongfully obtained competitively sensitive information” gained through Microsoft connections they insist are effectively prohibited under the Clayton Act. The lawyers claim that “the very reason Microsoft obtained its board seat” — referring to Microsoft VP Dee Templeton’s time as a non-voting board member at OpenAI — “was to coordinate business decisions with OpenAI.”
OpenAI spokeswoman Hannah Wong said in a statement emailed to The Verge:
Elon’s fourth attempt, which again recycles the same baseless complaints, continues to be utterly without merit.
Update November 30th: Added statement from OpenAI spokeswoman Hannah Wong.
-
Science5 days ago
Despite warnings from bird flu experts, it's business as usual in California dairy country
-
Health1 week ago
Holiday gatherings can lead to stress eating: Try these 5 tips to control it
-
Health6 days ago
CheekyMD Offers Needle-Free GLP-1s | Woman's World
-
Technology5 days ago
Lost access? Here’s how to reclaim your Facebook account
-
Entertainment4 days ago
Review: A tense household becomes a metaphor for Iran's divisions in 'The Seed of the Sacred Fig'
-
Technology3 days ago
US agriculture industry tests artificial intelligence: 'A lot of potential'
-
Technology1 week ago
Microsoft pauses Windows 11 updates for PCs with some Ubisoft games installed
-
Sports1 day ago
One Black Friday 2024 free-agent deal for every MLB team