The Facebook “This Looks Like You” Messenger Scam

Nov 3, 2022

Last Updated: Nov 10, 2022

Just like a character in a horror movie investigating a strange noise in the basement, we can all be a little too curious for our own good. Unfortunately, it’s this exact curiosity that’s being exploited by bad guys on Facebook. But how exactly are they doing it—and even more importantly, why are they doing it?

If you’ve received a link to a video on Facebook Messenger saying, “this looks like you”, do NOT click on the video. It is a scam. Without understanding the risk, many people are unknowingly falling victim to this attack simply because they figured they were watching a harmless video sent to them by a friend. Little did they know, one small click is all it would take to compromise their Facebook account, and potentially their device as well.

How it starts

If you haven’t seen this message already, it begins when you receive a message from a “friend” on the Facebook Messenger app. It is simply a text that says something along the lines of:

“This looks like you in this video”

“I think you appear in this video”

Or even,

“It looks like someone you know was in this car crash”

Most of these messages will have a link to click, but others have attachments such as the one below:

[Image: Facebook “this looks like you” Messenger scam]

While this “friend” sending you the message could be someone you barely know and just have added on Facebook, it could also be someone you’ve known your whole life—all this means is that whoever sent you this message has had their account taken over by the scammers and that the bad guys are trying to do the same thing to you.

What happens if you do click on the video?

If your curiosity does get the best of you, clicking on the video can result in a number of different things.

1. Fake Login Screen

One outcome we’ve seen will open up a new page that looks just like any other Facebook login screen. It’ll say that, in order to access the video, you need to verify your account information, which is exactly what the bad guys want you to do. Entering your login credentials here will hand them directly over to the criminals. From here the scammers are free to do whatever they want with your information.

2. Installation of malware

Another way the criminals can get to you and your information via this “it looks like you” video is by having you install malicious software disguised as a plugin or download required to watch the video. While the goal of the criminals is still the same—taking over your account with the intention of spreading the video to others—the malware allows for more complex methods of doing so. According to the IT firm ESET, the malware has the capability to add more friends, create fake pages, share/create/edit your posts, and even unfollow other users.

Not to mention there is also the risk that ransomware could be installed using similar methods, which could completely lock you out of your device and encrypt your personal files.

Note: You are not guaranteed to get infected with malware if you click on this message—this is just one of the possible outcomes, and it also depends on the device and platform you are using.

3. Spreading it to others

If you did click on the link, one of the first things you may notice is that you’ve also sent the message to everyone in your contacts. The good news is that you still have access to your account. The bad news is that the bad guys most likely have your login information.

If you have clicked on the video…

If you no longer have access to your Facebook or Messenger account, it can be a tedious process to get back in. The only thing you really can do is to get in touch with Facebook support and report the issue to them. You can visit their help center here.

If you do still have access, here are some steps you can take to try to minimize the potential damage that scammers could do.

1. Change your Facebook passwords immediately

If you remember putting your information into a login screen after clicking this message, it’s only a matter of time before the bad guys try to take over your account and completely lock you out. Changing your credentials before they do so can be your best defense against this kind of attack.

Regardless of whether you still have access, you also need to change this password anywhere else you’ve used it (other social media or online banking accounts). It’s highly recommended that you do so because all these stolen credentials that scammers collect can be bought and sold to other criminals on a massive scale.

2. Set up two-factor authentication

Both Messenger and Facebook have an extra security feature known as two-factor authentication. This sends a 6-digit passcode to your phone number that’s required anytime you try to log in. So unless the bad guys have this 6-digit code, there is no way for them to log in to your account.

You can activate this by going to settings, privacy, and looking for the option to enable two-factor authentication.

3. If you do believe you’ve installed malware, limit the damage that it can do

Depending on the device you’re using, it can be easier or harder for malware to be installed. If you are using a computer, and you believe there’s a chance malicious software has been installed, the best thing to do in this scenario would be to take your device to an IT specialist. While there are a number of steps you can take to try to detect or remove the malware yourself, if you wouldn’t consider yourself tech-savvy, it’s better to leave this to the professionals.

4. Warn Others

One last thing, share this with your family and friends. Create a simple post telling them not to click on videos that say “this looks like you…”, or share this blog post with them. Spreading awareness for these types of scams can help others completely avoid them in the first place.

If you have been infected and you’ve sent this message out to all your contacts already, make sure to let everyone who received the message know that you were hacked, and to NOT click on the message.
