Scammers pretend to be official Facebook pages to target victims | Detective T.C.

It is nothing new that scammers often pose as officials from some service or company, to deceive potential victims. One of the cases reported to TudoCelular this week includes the attempted theft of Facebook credentials.

Do you want to know the details about the threat, what dangers it causes and how to protect yourself? O TudoCelular Detective separated the main information and tells you in detail in this column.

A user reported to Facebook that he received a direct message, through Messenger, from a page – with the name “Tyler-Sp” – that pretends to be from Meta’s support team and uses the company’s logo to convey truthfulness to the attempted fraud.

The message was an official “important notification”, warning that the user’s page would be permanently deleted due to an alleged post that violated the platform’s copyright rules. See below:

The text contains a trap. It states that, if the user finds that the alleged violation is not valid, they should click on a link to register a complaint before the false removal takes place.

The scammer makes good use of the method called “social engineering”, which provides more personalized attempts for each potential victim. This, in practice, would give the coup a greater chance of success.

In the case in question, the cybercriminal analyzed the user who has a page for work. Which, if the page were taken offline, would cause great harm to the individual. This more targeted alarm would tend to be effective when the person believes.

There are some very definite signs that this is a scam. One of them appears immediately upon approach, made by an external account, and not by a notification from the platform itself.

When accessing the profile described, there is no sign that it is an official Meta account for possible announcements – especially because the company does not make announcements in this way.

Another point is in the link used. In the presence of “facebook.com” At first it may deceive some inattentive users. However, just look at the full URL to see that, in fact, another website will open.

The “official” initials serve as a redirection of the service to another web page. The malicious website to which the individual would be redirected has another path, “fyp.bio”through which user data is collected by the cybercriminal – who can later use it to invade your services account with the same credential.

Although TudoCelular received this alert and it was clearly targeted, the reader does not seem to be the only one suffering from the same problem. It is possible to find more recent reports on the internet with the same scam.

One of them appears on the platform Complain herefrom a user from Novo Hamburgo/RS, who received a similar message via Facebook chat and seems to believe it to be a legitimate case.

Further proof that there are social engineering mechanisms applied in this scam. In the case of the message revealed in the online complaint, there is no mention of effects on professional use, but rather signs of impacts also on personal accounts on the social network.

To protect yourself from this type of scam, the first tip is not to believe messages from unknown contacts with alarmist texts and external links. Meta and other companies do not usually carry out this type of communication.

Also avoid clicking on links sent through messengers, which do not have proven origin. They can redirect you to malicious websites, with the risk of having your credentials stolen or malware installed on your device.

Finally, if a suspicious message comes to you, be sure to report the profile that carried out the act, so that action can be taken in relation to the account used by the cybercriminal.

Have you ever received a similar scam message on your personal or professional Facebook account? Report to us in the space below.