Tech Made Simple

Hot Topics: How to Fix Bluetooth Pairing Problems | Complete Guide to Facebook Privacy | How to Block Spam Calls | Can an iPhone be Hacked?

Top News Stories

author photo

Facebook “IS THIS YOU?” Video Scam Steals Your Login Info

by on September 06, 2019
in News, Computers and Software, Computer Safety & Support, Blog, Facebook, Privacy :: 7 comments

Techlicious editors independently review products. To help support our mission, we may earn affiliate commissions from links contained on this page.

A Facebook scam that has been circulating for years seems to be making a comeback. And if you fall for it, you’ll have your Facebook login info stolen by the scammers, who can then hack your account and use it for a variety of nefarious purposes.

The scam works by tricking Facebook users into clicking a link to a video. The video will often have some variation of “Is this you?” or “Did you make this video?” in the description to pique your interest, and will likely come from one of your friends (who already fell for this scam and had their credentials stolen).

If you click on the link, you’ll be taken to a fake Facebook login page with a message about confirming your information before you can access the video. It is pretty obvious the page is fake if you notice the URL at the top. But if you're not paying attention and you enter your info here, you’ve just given the scammers what they need to take over your account.

Facebook scam phishing login

As a final insult, you won’t be taken to the video (which never existed in the first place), but dumped into a spammy affiliate ad network for NSFW games, sketchy app downloads and survey scams. I’ve seen a few valid apps, too, such as Norton Secure VPN on Google Play, but these companies have no part in the scam (after I notified Symantec, Norton’s parent company, about the app’s inclusion, a spokesperson told me “Upon learning of this issue, we worked with our mobile advertising partner to quickly identify and blacklist the bad actor responsible for this threat. We are also working to identify consumers who may have been impacted to help them with any residual effects.”)

Facebook scam spam apps

The best course of action if you get one of these video links from a friend is to not click it and notify your friend by phone or email, if possible, that their account may have been compromised. It’s also possible the video was sent from a friend’s cloned Facebook account that a scammer used to friend you in the past.

If you made the mistake of entering your credentials on that fake login page, you should immediately change your Facebook password before the scammers have a chance to get in. This would also be an excellent time to consider setting up Two-factor authentication for Facebook so you won’t lose access to your account if you fall for another phishing scam in the future.

And if the scammers have already taken control of your Facebook account, you’ll need to go through Facebook’s account recovery process to regain access.



Discussion loading

gravatar

NOW

From ADAKUNI DAVID OKURUT on October 06, 2019 :: 2:07 am

Yap.

Reply

gravatar

just clicking?

From Mike on December 16, 2019 :: 1:28 pm

I have a friend who was infected by this. She claims all she did was click on the link, didn’t enter her credentials. Is that possible or likely?

Reply

avatar

Nope

From Josh Kirschner on December 16, 2019 :: 3:56 pm

It’s not an “infection” - there is no malware involved - so the video scam only works by tricking someone into revealing their Facebook login credentials. And you can’t have your Facebook credentials stolen simply by clicking on the link. It’s possible she may have entered her info without even thinking about it and now doesn’t remember. It’s also possible that her Facebook account was cloned and videos that you’re seeing in your feed that you think are coming from her are actually coming from a cloned account you were tricked into friending.

Reply

gravatar

what if 'saved' in your google

From roxi on January 11, 2020 :: 4:27 am

i clicked the link and it didnt take me to a login page, but my credentials are ‘stored’ in google. WOuld google know that it wasnt a legit facebook page though? My facebook seems fine so far

Reply

avatar

Shouldn't matter

From Josh Kirschner on January 13, 2020 :: 2:19 pm

Even if your Facebook login info is stored in Google, you would still have to log in when you get to the scam page (the scam page can’t access that information automatically). And Google password manager shouldn’t auto-fill on a scam page because the url won’t be a Facebook url.

gravatar

I was hit

From Juana on February 13, 2020 :: 11:22 pm

This happened to me today and i deactivated My Facebook account. However, a few hours later a series of punchases with My crédit Card started popping up. Somwhow this malware was capable of getting My crédit Card credenciales.

Reply

avatar

Not clear how that would happen

From Josh Kirschner on February 14, 2020 :: 10:38 am

If this does happen to you, you shouldn’t deactivate your Facebook account. If the scammers have your credentials, they could reactivate it. Instead, follow my advice to immediately change your password.

What’s not clear to me is how they would go from accessing your Facebook account to making charges to your credit card. Can you provide more information on where these charges were made or through what company?

Reply

Home | About | Meet the Team | Contact Us
Media Kit | Newsletter Sponsorships
Newsletter Archive
Terms of Use | Privacy & Cookie Policy

Techlicious participates in affiliate programs, including the Amazon Services LLC Associates Program, which provide a small commission from some, but not all, of the "click-thru to buy" links contained in our articles. These click-thru links are determined after the article has been written, based on price and product availability — the commissions do not impact our choice of recommended product, nor the price you pay. When you use these links, you help support our ongoing editorial mission to provide you with the best product recommendations.

© Techlicious LLC.

site design: Juxtaprose