A cautionary note for Facebook users: if you come across a post reading “I can’t believe he’s gone. I’m gonna miss him so much,” or something similar, be wary. Your friend’s account may have been compromised and turned into a vehicle for a phishing scam.
Here’s how the scam works: The attacker takes control of an account and uses it to share a vague yet distressing message accompanied by a seemingly legitimate website link. The link often mimics the Facebook domain or poses as an embedded video from a reputable source such as BBC News. In reality, clicking the link redirects users to a bogus website that prompts them for their Facebook login information. When they submit it, the page captures their credentials. Users are then redirected once more: mobile users may find themselves on Google, while desktop users are led to questionable sites promoting browser extensions, VPNs, or affiliate sites. Bleeping Computer highlighted this issue earlier this week.
The malicious twist of this scam lies in its exploitation of compromised accounts to further disseminate the scheme within the victim’s network. Although the scam isn’t entirely novel, having first surfaced around a year ago according to Bleeping Computer, it remains an ongoing threat, with a recent resurgence. Just last week, I encountered this phishing attempt in action when an acquaintance’s account shared the Facebook redirect variant of the deceptive message.
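Because the links described above mimic the Facebook domain or a news embed, the only part worth trusting is the parsed hostname. The following is an added example, not code from the original article or from Bleeping Computer; the `TRUSTED` allowlist, the `BRANDS` list, the `classifyLink` name and the sample URLs are assumptions made for illustration.

```javascript
// Added example: classify a shared link by its real hostname.
// TRUSTED is an assumed allowlist for illustration, not an official list.
const TRUSTED = ["facebook.com", "bbc.co.uk", "bbc.com"];
// Brand labels worth flagging when they appear in a host that is not trusted.
const BRANDS = ["facebook", "bbc"];

function classifyLink(raw) {
  let url;
  try {
    url = new URL(raw);
  } catch {
    return { verdict: "invalid", reason: "not a parseable absolute URL" };
  }
  if (url.protocol !== "https:" && url.protocol !== "http:") {
    return { verdict: "suspicious", reason: "non-web scheme " + url.protocol };
  }
  // URL lowercases the host and converts IDN to punycode; strip a trailing dot.
  const host = url.hostname.replace(/\.$/, "");
  // Text before "@" is userinfo, not the host: https://facebook.com@evil.example/
  if (url.username || url.password) {
    return { verdict: "suspicious", reason: "userinfo hides real host " + host };
  }
  const owner = TRUSTED.find((d) => host === d || host.endsWith("." + d));
  if (owner) {
    return { verdict: "trusted-host", reason: host + " belongs to " + owner };
  }
  if (host.split(".").some((l) => l.startsWith("xn--"))) {
    return { verdict: "suspicious", reason: "punycode label in " + host };
  }
  const brand = BRANDS.find((b) => host.includes(b));
  if (brand) {
    return { verdict: "lookalike", reason: '"' + brand + '" appears in unrelated host ' + host };
  }
  return { verdict: "unknown", reason: host + " is not on the allowlist" };
}

// Constructed sample links (example.* hosts are reserved placeholders).
const samples = [
  "https://www.facebook.com/watch/?v=1",
  "https://facebook.com.login.example.net/video",
  "https://facebook.com@news.example.org/clip",
  "https://bbc-news-video.example.com/embed",
];
for (const s of samples) {
  const r = classifyLink(s);
  console.log(r.verdict.padEnd(12), s, "-", r.reason);
}
```

A `trusted-host` verdict covers only the hostname; it says nothing about where the link redirects afterwards, which matters for the redirect variant mentioned above.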