Business

“Is it you in the video?” Scam On Facebook Is Fooling Users, Stealing Credit Cards (How To Stay Safe?)

By Rohit Kulkarni

Well, if you have ever wondered why cyber criminals are interested in your IM password, its not just so that they want to snoop through your personal information with the intention to abuse it or to sell it to someone else.

Crooks through access to your account, gain a level of trusted access to your friends and family which in turn makes scams of all sorts much easier to pull off .

It may be luring someone to a fake login page, pitching a bogus investment plan, persuading them to submit an application form for a non-existent job or something else. But a scammer is able to entice to click a link using a message that actually came from a friend’s account than if they just contacted you out of the blue.

Not just for privacy reasons, but also for cutting down the sort of unsolicited messages, spams and scams is the reason why many of the users deliberately limit their “circles of contact” on social media.

Menace to those around :-

Through instant messaging, not only is the scammer menace to you but also to those around you.


“Is it you in the video?” :- If you get this message from a friend, there are high chances that you will open the video. No wonder that it is not a video but instead it redirects you to a URL which looks like a FB login page.

The URL (redacted above) clearly has nothing to do with Facebook – it’s a randomly-generated server name on a boutique Hungarian web hosting platform – and, as you can see from the crossed-out padlock icon in the address bar, the site uses HTTP and not HTTPS. Facebook gave up HTTP in 2012, hence any link without HTTPS for Facebook is but fake.

Unfortunately, logging in would submit details to a server running on a low-cost web hosting service in the USA, using a vaguely legitimate-looking domain name that was registered less than a month ago. Once a user does that, he hands his password to the crooks and thus ensures that all his contacts would soon be spammed in turn.

After The Fake Login:-

This scam goes even further – whether as a distraction to buy a bit of time before victims realize they’ve been taken in and rush to change their Messenger passwords, or simply to give the crooks a second bite at the cherry, we don’t know.

After entering your password, there’s a short delay, as you might expect whan logging in to any online service, after which the crooks seem to pick from a range of other scams and redirect you to one of them randomly.

These didn’t look as though they were being run by the same criminals, so we’re assuming the message-spamming crooks were simply hoping to collect “affiliate fees” from other criminals in the underground.

These “second redirect” scams varied from specious VPN offers to a range of those “free” phone deals where all you need to do is pay a modest delivery fee (£1.95 in the variants we saw here), thus giving the crooks a believable excuse to collect your credit card details.

Rohit Kulkarni 1441 posts 0 comments

Rohit is a tech and business enthusiast, who is hell bent on scooping out the truth. He loves reading, understanding businesses and decoding startups.

You might also like More from author

Comments are closed, but trackbacks and pingbacks are open.

who's online