Gary Huestis was recently featured in a Cybernews article titled “Facebook copyright scam intensifies, users left stranded.”
Huestis was asked to comment about what Facebook users should do to avoid scams and how to protect themselves online.
Cybernews Article Summary
Facebook users are under attack. An insidious scam has been escalating in intensity, seeing users not only lose access to their accounts but sometimes even suffer financial damages or lose irreplaceable memories.
As with any internet threat, knowledge is your first line of defense. Let’s delve deeper into what’s happening and how to protect yourself.
A Growing Threat:
The scam making headlines primarily involves fake copyright infringement notices being sent to Facebook users. Upon receiving these notices, users inadvertently hand over their credentials to the attackers. This issue, initially reported by Cybernews, has gained momentum throughout 2023, with more and more users falling prey.
Many have found their Facebook accounts renamed to “Meta Copyright Infringement” or completely disabled. Worse still, some users have been exposed to credit card fraud or have seen their business accounts suspended. Others lost access to years’ worth of photographs and memories.
Making matters even graver, hacked accounts were sometimes used to distribute explicit or violent content. A particularly unsettling example includes a user who found a picture of men with AK-47 guns shared via their account, captioned in an unfamiliar language.
The aftermath of the attack isn’t pleasant either. Users have expressed significant distress regarding Facebook’s appeals process. Communication seems sparse, and many users feel left in the dark. One user, who had been on the platform for 16 years, lamented the inability to access any of their associated business accounts. Another grieved over potentially losing photos and memories of deceased family members, despite repeatedly reaching out to Facebook for support.
What Experts Say:
Joe Karasin, from the Karasin PPC digital marketing company, highlighted the grim reality that once an account has been compromised and content deleted, recovery might be impossible. For those who experience financial fraud due to the scam, acting promptly is crucial. Contacting the bank immediately upon discovery could be the difference in mitigating the damage.
Karasin provides some indispensable advice:
- Facebook will never directly message you, especially on personal accounts. Genuine copyright infringement notices would be in notifications, not in Messenger or your email.
- Avoid clicking on links from strangers.
- If a known contact messages you in a suspicious manner, verify their identity with a question only the two of you would know.
Gary Huestis of Powerhouse Forensics adds that affected users should report compromised accounts at facebook.com/hacked. Furthermore, monitoring your Facebook activity for any unauthorized posts or messages is crucial to halt the scam’s propagation.
For proactive defense, Huestis suggests users enable login alerts and two-factor authentication via Facebook’s security settings. Being cautious about emails or messages asking for security details is a simple yet effective preventative measure.
Understanding the Scam:
Initially, this phishing attack seemed to target organization accounts. The scam involves counterfeit notices threatening account suspension or termination, citing a violation of Facebook’s Community Standards. The urgency is a classic phishing hallmark, with warnings of “permanent disablement” if action isn’t taken swiftly.
Avanan, a cybersecurity firm, pointed out the red flags. While the appeal link appeared genuine, it redirected users to a malicious, credential-stealing website. The sender’s address was noticeably fictitious, but the rest of the notice was convincingly crafted.
Final Thoughts:
In the digital age, scams evolve, but our defenses can too. Staying informed, being cautious, and adhering to best practices can shield us from the majority of threats. Remember to always think before you click, and maintain a healthy skepticism of unexpected messages, even if they seem to be from familiar platforms. The best protection is vigilance.
For more information on this story, refer to the Cybernews article.
