Just as we saw "distress" scams surface on Facebook last June — phony messages from traveling "friends" who ask for money because they're in a jam — this past week saw a new scam that threatens you with Facebook account closure unless you confirm they want to keep it open.
While tied to Facebook, this message is appearing in email inboxes around the world, and looks something like this:
Hi [email address],
We are sending you this email to inform you that we have received an account cancellation request from you. Please follow the link below to confirm or cancel this request.
To confirm or cancel this request, follow the link below: (a hyperlink is included)
The Facebook Team
If you click on the link in the authentic-looking email, malicious software ("malware") could be installed on your computer. Once the computer is infected, victims may see a pop-up window that says you should purchase the advertised software to rid your computer of this malware.
Naturally, this isn't coming from Facebook. Cancellation requests need to be initiated by you -- and it's all done while logged into your Facebook account, and not via a random email.
"Scareware" tactics aren't anything new, of course. Scammers trick users into buying software to remedy a problem caused by the same individual or organization (or a partner in crime).
Bu this new "Facebook cancellation" scam might do significant damage if you consider the social network has more than 900 users, therefore a good number of people who receive this phony email might believe the pitch.
The website you're linked to from the email looks like it's an official page, but if you look at the URL (website address) you'll see it's really a third-party website. You'll then be asked to run a Java-related executable program. In a word, don't. In fact, if you receive this email, simply tap the delete button to send the message to trash. It's also highly recommended to use strong antimalware software to protect your computer from various threats.
Ye olde distress scam
What's that? You missed last summer's biggest Facebook scam? Don't worry, it's back.
Many Facebook users are seeing repeat of last summer's Facebook distress scams. These Facebook messages or emails appear to be from one of your Facebook friends — when in fact they're from a thief out to defraud you.
Here's one I received yesterday:
I'm writing this with tears in my eyes. I came down here to London, United Kingdom for a short vacation. Unfortunately, I got mugged at the park of the hotel where I stayed, all cash and credit card were stolen off me but luckily for me I still have my passport.
I've been to the Embassy and the Police here but they're not helping issues at all and my flight leaves in few hours from now but I'm having problems settling the hotel bills and the hotel manager won't let me leave until I settle the bills. Well I really need your financially assistance. Please, let me know if you can help me out? I am freaked out at the moment!!
Usually, like with many scams, the scammer will eventually request the money to be transferred via an online money wire service like Western Union.
So, what to do? First of all, never write back. If you don't recognize the person, click Delete and go about your business. You could also report this fraudster to Facebook.
If you do recognize the name, there's no harm in contacting your alleged "friend" by another means to ask if it's really them. Chances are pretty good it's not. Even if you know them, is it like them to ask you for money while overseas?
Also, I cleaned up the spelling and grammar in this above distress message but you'll notice these scams don't often look quite right. Would a friend really say "I need your financial assistance"? That sounds a tad formal, no? And what about "I came down here to London, United Kingdom for a short vacation"? Huh?
You get the point — while your heart might be in the right place, be aware it's likely a cybercriminal looking for his or her next victim.
Who's snooping on your Facebook profile?
A good number of Facebook's users have probably been asked this one question in some way, shape or form:
Do you want to see who has been visiting your Facebook profile? Click here to find out!
Is it true? No, it's a scam.
Usually, these spammed messages or rogue third-party applications are designed to trick you into visiting survey websites that request information from you. Or they ask you to pay for software or sign up for expensive services.
For example, you might be prompted to complete a phony survey, which then links you to a non-Facebook website. When you're there, the site claims to have detected a virus on your computer — just like the "Facebook cancellation" scam -- and you must download and install antimalware software immediately to remove the threat.
Or you might be asked to type in your mobile phone number to win a prize, when in fact you're inadvertently signing up for a text messaging service that could cost you money for every text message received.
To propagate the scam, you may be asked to let the app access your Facebook friends list. Once you click to grant permission, the app automatically sends a copy of the message to all your Facebook friends or it posts an endorsement to your wall (e.g. "I just tried this and it works"!).
The app might also show you a list of people who are "stalking" you, pulled randomly from your list of Facebook friends.
These bogus Facebook messages and apps come in a variety of ways, so be cautious.
If you see these kinds of messages on Facebook, do no click on the link provided and do not give the application permission to access your account. If you're getting this message from a friend, let them know it's a fake (they may not even know they "sent" you the note) and report the scam to Facebook at facebook.com/help/scams.