Kingston Police have shared details of a phishing scam taking place on Facebook. According to a media release, dated Monday, Feb. 5, 2024, the scam looks legitimate but has cybercriminals gaining access to users’ accounts.
“This Facebook phishing scam starts with a post from a friend that says, ‘I can’t believe he is gone. I’m gonna miss him so much.’,” police said. “The post contains a link to a news article or video, but when you click the link, you are taken to a web page that prompts you to log in to Facebook. If you enter your information, you are taken to an unrelated page. No news article exists, but scammers have just stolen your Facebook credentials using a phishing attack.”
According to the release, scammers use compromised Facebook accounts to post these “I can’t believe he is gone” phishing links. The posts appear to come from your friends and family, police noted, which makes this phishing attack very convincing.
“If you fall for their tricks, scammers can then use your Facebook account to post the same message to your friends and family,” police said.
In the release, Kingston Police provided the following tips to avoid falling victim to a Facebook phishing attack:
- When possible, use multi-factor authentication (MFA) as an added layer of security for your accounts. The MFA will prompt you to provide additional verification before logging in, making it more difficult for scammers to compromise your account.
- A post from a friend may seem trustworthy, but their account could be compromised. Reach out to your friend over the phone or text to verify that their post was legitimate.
- Remember, this type of phishing attack isn’t exclusive to Facebook. Scammers could use this type of attack on any social media platform.