Facebook Account Hacking Warning: What You Need to Know

Consumer watchdog Which? is alerting Facebook users to a new scam involving hacked accounts posting malicious links that could infect devices with malware.
Fraudsters are exploiting compromised Facebook accounts to post messages like “I can’t believe he’s gone” and “I’m going to miss him.” These posts, designed to capture attention, contain links that lead to harmful websites.
[Photo: Which?]
Users encountering these posts might be tempted to click on the links to learn more. However, doing so redirects them to malicious sites that download malware onto their devices, causing intrusive pop-ups and rendering the device almost unusable. One such example is a site impersonating the antivirus software company McAfee, which tricks users into thinking they need to scan their computers.
Once users engage with the fake scan, their devices are flooded with pop-ups claiming various issues, such as other people downloading files from their computers or antivirus software being compromised. These messages urge users to scan their devices or renew their McAfee subscriptions, ultimately redirecting them to McAfee’s official website.
[Photo: Which?]
McAfee has confirmed that this scam is perpetrated by a rogue affiliate violating policy agreements. The company stated, “Scammers try to take advantage of the McAfee brand reputation by impersonating McAfee through fake messages designed to profit from unsuspecting victims. We act quickly to remove rogue affiliates who use scam tactics.”
Google, which was also impersonated in the scam, stated that the warnings did not originate from Google Chrome and highlighted that they have updated their URL protection through Google Safe Browsing for Chrome users on desktop, Android, and iOS.
Meta, Facebook’s parent company, confirmed that it removed the reported posts and continues to monitor such fraudulent activities.
Tips to Prevent Hacking
To safeguard your social media accounts from being hacked:
- Use unique, strong passwords for different accounts and consider using a reputable password manager.
- Install antivirus software on your devices.
- Regularly update your devices to protect against new viruses.
- Enable two-factor authentication (2FA) or two-step verification (2SV).
Reporting Hacked Accounts
If your social media account is hacked:
- Visit the help page of the platform to recover your account.
- Change your password and log out of all devices before logging back in with the new password.
- Inform your contacts about the hack and advise them to ignore any suspicious messages.
Avoiding Recovery Scams
Be cautious of individuals offering account recovery services on social media, as these are often scams.
Report fraudulent messages and scams impersonating McAfee to [email protected]. If you lose money to a scam, contact your bank immediately using the number on the back of your card and report the incident to Action Fraud.
Action Fraud revealed that 22,530 people reported account hacks in 2023. Stay vigilant and follow the recommended precautions to protect your online presence.
Spotted something? Got a story? Send a Facebook Message | A direct message on Twitter | Email: [email protected] Latest News