New Facebook Phishing Scams
In recent months there have been 2 major phishing scams that I have seen on Facebook and it seems they haven't slowed down at all. The first that I noticed was with their messaging service. You would receive a message from one of your contacts with a link to what looked like a video of you as it had your profile picture as the thumbnail. When you clicked on this link not only would the person then have access to your account but it would redirect you to a page that then downloaded malware on your computer. As such any time your receive links to videos or anything of the like from your contacts please call and/or text them to validate that they sent it first and that it is a legitimate link.
The second major phishing scam came to my attention today from The Hacker News and it has to do with the newer recovery mechanism that Facebook put in place utilizing trusted contacts. The attacker would initiate a password recovery on your account at which time you would get an e-mail with a link in it to reset your password. The attacker would then message you saying they were trying to recover their account and needed the last few digits from the link that was sent to you. At this point they would finalize the password recovery process and change your password and you would lose access to your Facebook profile.
So please be vigilant when it comes to your accounts and verify any e-mails and messages you get with the sender.