MoneyDon't Waste Your Money

Actions

Facebook Messenger scam snags 10 million victims, more conned every day

Woman loses control of her Elvis fan page and 32,000 friends
Facebook Instagram
Posted
and last updated

Cissie Lowe is a huge Elvis Presley fan who loves everything about The King, especially his movies.

"We've got Viva Las Vegas with Anne Margret," she said. "And I also like King Creole and Blue Hawaii."

She founded an Elvis fan page on Facebook 7 years ago, gaining 32,000 followers, whom she considers personal friends.

Moderating the site took up a good part of her free time, until recently.... when a hacker took it over and locked her out.

"A month ago, it got stolen from me," she said. "And nothing's been done about it."

Lowe believes a hacker in Indonesia (based on tracing the new administrator) now controls the group she founded seven years ago.

"He took me out of my group, blocked me, and I couldn't even get in it," she said. "He took my admin status away."

She believes the hacker is now making money selling the contact info of all her followers.

So how did a scammer get her password? She has no idea.

We contacted Facebook executives, hoping they could investigate, but have yet to hear back.

Cissie Young.jpg
Cissie Young, Elvis Presley fan

How this new Facebook scams works

Unfortunately, scams are all too common, where someone takes control of your Facebook page or another social media site.

One phishing scheme, however, has impacted 10 million people and counting.

That's according to Chris Cleveland, founder, and CEO of PIXM, which recently uncovered a massive phishing campaign on Facebook Messenger.

Cleveland says an attack typically starts with a message from someone you know.

But the message isn't from your friend: it's actually from a hacker who has taken over their page.

"I get this message," Cleveland explained, "and I enter my credentials there. Now the hacker can send that message to all my friends (posing as me) and propagate the message that way."

In an example provided by PIXM and HelpNet Security,you click a link about something interesting (or perhaps a government stimulus or grant program) that appears to be sent by a friend.

Once you click the link, you're redirected to a legitimate ad (that makes the whole thing look official) before being sent back to a fake login page.

That's where hackers ask you to re-enter your Facebook password. As soon as you do that, they have control of your account.

How to protect yourself

So how do you protect your information?

Cleveland says two-factor authentication is a must, where you get a text alert before anything is changed on your account.

Beware unusual requests from friends, such as requests to click something to get free government money.

"Even if you trust that person," Cleveland said, "make sure you contact them first before you take that call to action or click on that link."

Finally, he says never use your Facebook password for other accounts. If the password is compromised in any way, the hacker can get into your other social media accounts, even your bank account.

Cissie Young is devastated, unable to access her Elvis fan club and contact her 32,000 friends.

"I got robbed. I feel violated," she said.

She may or may not be a victim of this latest scam but is just praying that Facebook restores her administrator credentials for her Elvis fan club.

Bottom line: If something feels strange, don't click, so you don't waste your money.

_______________________

Don't Waste Your Money" is a registered trademark of Scripps Media, Inc. ("Scripps").

Like" John Matarese Money on Facebook

Follow John on Instagram @johnmataresemoney

Follow John on Twitter (@JohnMatarese)

For more consumer news and money-saving advice, go to