Notes from underground

Lord Jesus Christ, Son of the living God, have mercy on me, a sinner

Facebook hacked, distributing malware?

I got a very weird message on Facebook, saying that my last post was spam and I should check it.

I was curious to know what that was, so went to look at it.

I then got this message:

Let’s check your device for malicious software
Hi Steve, we’re continuously working to keep your account secure. We’ve noticed that this device may be infected with malicious software. To continue to use Facebook, you can either use other devices or clean this device by downloading the scanner provided by Facebook and Trend Micro.

Note, no information about the alleged “spam” message, but an invitation to download an unknown program and run it.

So I suspect that the initial message was a ruse to grab my Facebook password and hack my account.

I advise anyone receiving such a message to ignore it, and warn others about it as well, and try to find out from “Facebook Site Governance” what is going on.

Tweet and retweet this, and share a link to this post on Facebook before you too are locked out.

Appendix

I thought it might be useful to others to describe exactly what happened, in case they encounter the same thing.

  1. I got a “notification” that something I posted was suspected spam. It wasn’t clear if it was a post or a comment on someone else’s post.  It said I could click on the notification to see the suspicious post.
  2. I wanted to see the suspicious post, because I wanted to see if it was something I had posted, or if it was someone else impersonating me. Several of my friends have had people impersonating them on Facebook in the past.
  3. I clicked on the notification, and was asked to log in to Facebook. That made sense. If someone was impersonating me, they would want to make sure it was actually me, rather than the impostor.
  4. But when I logged in, I was not shown the offending post, but the message shown above. That sounded all the alarm buzzers, like the terrain warning alarm on an aircraft flying too low “Terrain! Terrain! Pull up! Pull up!”
  5. This was not showing me a post that was suspected spam — it was asking me to download something to my computer.
  6. I copied the message displayed, and saved it, and then went out of Facebook, and tried to go in again afresh.
  7. It asked me to log in and then displayed the same message I had copied.
  8. I concluded that when I had logged in, expecting to see the spam message, they had stolen my password, and changed it, so I could no longer log in to Facebook.
  9. It was at that point that I thought I should warn others of this.
  10. I’m pretty sure that whatever it is they are asking me to download is malware of some kind. So if you see a “notification” that something you’ve posted is suspected spam, whatever you do, don’t click on it!

 


2 thoughts on “Facebook hacked, distributing malware?”

  1. Trevpr Stone said:

    Hi Steve
    Rule 1: Never follow a link in an email that requires you to log in.

    regards
    Trevor

    • Agreed!

      But this one was sneaky — it wasn’t in e-mail, but in a Facebook notification, which is what made me think that Facebook itself has been hacked. I’ve seen things in the private messages on Facebook saying things like “So-and-So sent you a video” which look suspiciously like hacks, but this is the first time I’ve seen one in a Notification.
