Facebook revealed that as many as 90 million accounts may have been hacked, due to a ‘security issue.’
Attackers exploited a vulnerability in Facebook’s code that impacted the ‘View As’ feature that lets people see what their own profile looks like to someone else.
This allowed the attackers to steal Facebook access tokens which they could then use to take over people’s accounts.
While the issue has now been resolved, the problems may not end there, according to one expert – we may now also see a string of phishing attacks.
Phishing attacks occur when an attacker pretends to be a trusted entity, fooling you into opening a malicious email or message.
Oz Alashe, CEO of cyber security platform CybSafe, said: “Facebook is going by the book notifying authorities as soon as it detected this vulnerability, and it should be applauded for its quick action.
“However, with a security issue as high profile as this one, it’s likely that phishing attacks will swiftly follow urging recipients to change their Facebook passwords via an email and then directing them to a malicious phishing site.
“It’s important to be extra vigilant, to follow Facebook’s instructions on the site or app, but do not act on unsolicited emails unless you are able to verify the sender.”
How to recognise a Facebook phishing scam
Many Facebook phishing scams use similar tactics to fool you.
You should always be wary of the following signs:
- Sudden changes in how friends act
- A friend request from someone you’re already friends with
- Friends or family asking for money out of the blue
- Promises of financial gain, free app items, or free gifts after filling out a form of personal details
- Any form that asks for your Facebook login credentials
- Videos not matching their title
- Poor grammar in posts or comments
- Work at home links
What to do if you think you’ve received a scam Facebook message
If you ever wonder whether a friend’s post, message, or chat conversation is actually from them, go directly to their profile from your friend list and send them a message.
You should also report any messages you’re worried about to Facebook.
You can email them directly at firstname.lastname@example.org