Learning Center

Hi, I'm Mark, the host of SAFE Cents! Welcome to our Learning Center, a place where you can improve your financial health.

Facebook Hackers: What's behind their biggest scam yet.

Blog Post
2 min read
blue Facebook like buttons

“Don’t accept any requests or messages from me! I’ve been hacked!” You may have seen posts like this on your Facebook newsfeed, or even worse—you’ve had to make one yourself. Facebook hackers have deployed such large phishing operations in recent months, you’re likely to know someone who's fallen victim.  According to the Federal Trade Commission (FTC), hackers victimized countless social media users and stole a total of $770 million from them last year alone.

Let’s break down how their most recent trick works and how you can protect yourself.

Here’s how it works:

The scam starts when the hacker creates a fake Facebook profile and sends out hundreds of new friend requests. Once accepted, the hacker uses Facebook Messenger to send out malicious links disguised as viral videos or other material you’re likely to click on.

The link takes you to a bogus Facebook log-in page where you unsuspectingly type in your credentials under the assumption you’ve accidentally been logged out of the app. And just like that, the hacker now has your username and password.

From there, they can quickly take over your account and even gain access to payment information you have saved in subsequent websites you log into with Facebook. It's a vicious cycle that may seem hard to combat, but there are ways to keep it from happening to you.

How to protect yourself:

Don’t accept friend requests from people you don’t know - Sure, it’s great to meet new people, but you should always be on the look-out for fake profiles. A few red flags might include limited account history, little or no mutual friends, and a lack of personal content.

Use caution when clicking on links- You should never click on links that require you to enter your personal information. Keep in mind, too—secure websites always start with ‘https.’ The ‘s’ stands for secure, meaning the website uses encryption to help protect your information.

Use strong Facebook credentials- Your username and password should not contain any personal or easy-to-guess information. Facebook suggests your password contain a combination of at least 7 characters, but the longer, the better.

Like and follow Facebook’s Official Security Page- Facebook has its very own profile page dedicated to security news and updates. Simply liking the page will allow you to regularly see valuable security content in your newsfeed.

If you think your Facebook account has been hacked, you should visit Facebook’s Help Center. There, you’ll find a guided help tool with steps you can take to secure your account along with other resources to keep yourself safe on the app.