Scammers know how much time people spend on Facebook, so that's where they use many of their tricks. Have you ever received a random direct message or timeline post on Facebook from an old "Friend" you haven't talked to since high school? Sometimes, it's genuine curiosity which leads them to reach out. However, more times than not, it's not them at all - but rather an online scammer trying to hack your device or account for information they can use against you. This is known as "malicious tagging."
Malicious Tagging in a Nutshell
In a nutshell, it involves a scammer gaining control of your Facebook account and sending out a post or direct message that includes a link and/or tags of your Facebook "friends." Tagging your friends from your account helps scammers appear real to the receivers, which encourages them to click the link. And it's those clicked links that lead to harmful results.
If you're one of those friends and you click a malicious link, potential consequences include you downloading software that scans your device for sensitive information like your email address, location, number, etc. the scammer can then use to access your financial accounts.
And once the scammer has done it once, they can do it again if not caught. There's a high likelihood that a scammer who's gained entry to your Facebook account will returning to commit the act over and over again until you (hopefully) change your credentials.
Hiding in Plain Sight
The challenge with this scam is that the criminals make it look like those posting are providing a harmless link that friends understandably want to follow. That's why you need to stay alert. If you see a post that includes multiple tags and a link, don't click it. Instead, report the post to Facebook, hide it from your Timeline, and notify the friend whose account it came from of the activity and encourage them to update their login credentials to be safe.
Scammers like to hide in plain sight for obvious reasons:
- It's more convincing to those they're targeting.
- There's practically a "template" for what the scam should appear like (identical to normal social media activity)
- Social media gets people's guard down since they assume they're on with trusted friends.
- The largest concentration of people online revolved around social media platforms like Facebook, YouTube, Twitter, etc.
Malicious Tagging is largely seen on Facebook, however, that does not mean other social platforms and online forums aren't subject to the same scams. Be alert whenever you're online or sharing sensitive information on an account. The web is a hotbed for scammers, so keep an eye out for anything that looks different from what your friends or online connections usually posts to avoid getting hacked yourself.