SAN FRANCISCO (KGO) -- If you get a message on Facebook that says, "look who died" -- don't click that link or it'll be your own account that perishes.
Online security experts are warning of a phishing scam making the rounds on Facebook that aims to steal your Facebook login credentials or install malware on your device. Its premise is simple, but undoubtedly intriguing: a friend sends you a private message that says, "look who died" along with a link to what looks like a news article. But when the victim clicks the link, they are asked to enter their username and password on what appears to be a Facebook login page. This is the trap.
As soon as the victim enters their information, it's sent straight to the scammer. The scammer takes over the victim's account, locking them out, and uses the account to send the same message to the victim's friends list.
Scammers love Facebook accounts because of all the personal data they can grab, including email addresses, phone numbers, birth dates, private messages, and of course the account's list of friends -- more potential victims. The stolen data can be used to break into non-Facebook accounts, or sold on the dark web.
As a general precaution, users should not click on any link that looks unusual or suspicious, even if it comes from someone they know. If you realize you've fallen for such a phishing scam, cybersecurity service DataProt suggests that you change your password immediately to avoid being locked out of the account, and that you check your security settings to log out of any devices or locations you don't recognize. Once that is done, report the message to Facebook. Then, make sure that no unfamiliar email addresses have been added to your account, and for good measure, change your email password too. (Users should never re-use their passwords across different accounts, but if you're a password recycler, now's the time to change them!) Finally, turn on two-factor authentication for your account, and scan your computer or phone with anti-virus software.