Facebook has grown to be a major force on the internet harboring the accounts and personal profiles of well over a billion people around the world. With such a reach across the globe, Facebook has naturally been the hunting grounds for cybercrooks and hackers who look to take advantage of any gullible user they can.
In the recent efforts of cybercrooks and hackers, a Facebook phishing scam spread through comments on Facebook pages has redirected a multitude of users to a source where they are urged to give up personal information. The scam is one that ultimately attempts to collect financial data from Facebook users, which was successful in its time of being active until Facebook discovered the issue and pulled its plug.
The Facebook phishing scam in question was first discovered by Luke William, a media innovation officer at RNLI. While his expertise didn't surround the detection of such scams, the folks at MalwareBytes were able to thoroughly analyze the scam and deemed it as being another spamming scheme initiated by cybercrooks on Facebook.
Looking deep into the Facebook scam, one could conclude that it is a rather commonly used technique on Facebook to entice users to click on a shortened URL link. The enticement came from simple comments posted on popularized Facebook pages where Facebook users are urged to access the link, or they may have their page disabled. The threatening message to some may seem like a scam right off of the bat. However, when you consider the large population of Facebook, there is always someone gullible enough to click on the link in belief that they must do it or suffer the stated consequences.
Once a user clicks on what appears to be a shortened Linkedin URL link, they are redirected to a page where scammers asked them for their Facebook login information and date of birth. From there, if the web browser doesn't flag the site as being malicious, the user relinquishes their login credentials and possibly their credit card information due to the site asking multiple security questions for supposed verification.
Computer users, and especially those who use Facebook, must always adhere to the warnings that are commonly spewed by Facebook and security experts. Never give anyone or any "other" site your personal login details or financial information unless you are 100% certain of the site belonging to your bank or a legitimate login page belonging to Facebook.
While the recent Facebook phishing scam was disabled by Facebook, many others are lurking with similar methods of stealing information from innocent users. Within any given day, Facebook is putting a stop to some scheme or scam that could eventually lead to serious issues like identity theft or stealing money directly out of your banking account.