Beware Of ‘Malicious Tagging’ Facebook Scam: What To Know

If you're on Facebook, then you may have stumbled upon the "malicious tagging" scam on your newsfeed. It's when a Facebook friend tags you in a video post with the wording "Just died in an accident." Your initial thought may be, "Oh my gosh what happened?" Or maybe you just scroll straight past it because it seems like a strange post. This is especially true if you personally know the person posting. Unfortunately, it's all a part of a growing scam called malicious tagging. It's when scammers hack into your friend's account and tag you.

The links attached to the post often say things like "Look who died in an accident… I think you know him" or "Observe how they are around another spouse." They look real at a glance, but multiple sources say they are not.

According to the Department of Information and Communications Technology (DICT), when you click the link, it takes you to a fake Facebook login page. It's a way to get your login information, hack it, and take the scam further, or get your personal information loaded with your profile.

Many know that Facebook will allow you to log into other platforms through your account so it's a uniform email password to log in. Scammers know this too. By getting into your Facebook, they can have better access to all these other accounts where you have personal information lying around so that they can steal your identity and get access to your bank accounts.

The Better Business Bureau (BBB) outlined several steps to take when you suspect or are confronted with malicious tagging on Facebook, and sometimes when using Twitter. The BBB warns against clicking on links that contain descriptions such as, "exclusive," "shocking" or "sensational" footage. If it sounds over the top, it's likely a scam.

Scammers often use link-shortening sites to disguise malicious links. Don't fall for it. If you can't tell the destination of the link without clicking, there's a good chance it could lead you down the wrong path.

The malicious tagging scam has impacted so many people because people assume that whatever their friends post is safe. However, you unfortunately can't be sure your friends' computer hasn't been hacked. Even when it appears your friend is "liking" or sharing a link, it could also be part of a scam.

To help stop the rapid spread of this malicious tagging scam, it's helpful to report an issue on the social media platform.

Most people like to think they're pretty tech-savvy. However, Cobalt Labs, Inc., a platform for security and development, reported that 2,220 cyberattacks occur each day, which equates to 800,000 attacks per year. According to AAG, an IT services company, nearly 1 billion emails were exposed in a single year, affecting 1 in 5 internet users.

In January, there was a data breach that exposed billions of records online. Many outlets referred to this breach as the "Mother of All Breaches."  In a detailed report from CyberNews.com, the leak included websites like Dropbox, Linkedin, and X (formerly known as Twitter). They mentioned in their report that if users use the same passwords for their Netflix account as they do for their Gmail account, attackers can use this to pivot towards other, more sensitive accounts. They added, "Apart from that, users whose data has been included in supermassive MOAB may become victims of spear-phishing attacks or receive high levels of spam emails."

There are many ways to tell if you have been hacked, from redirected internet searches and unexpected installs to rogue mouse pointers. Some studies show that random pop-ups that quickly appear with links or advertisements can be a sign. Sometimes, one may see fraudulent antivirus warning messages, saying that your computer has been hacked from an antivirus "software" you have never actually installed. This can also be unwanted browser toolbars, emails sent from your email to your contacts, and passwords being declined among other telltale signs.

For many years, people have been told over and over again about the risk of hackers tapping into your technology. Even as technology advances and more and more security software and management techniques are created to prevent these hacks, scammers continue to find ways to break in.

There's only one sure way to avoid getting hacked. And that's to never go online. Unfortunately, many of us don't have that option. So, check out some of the top mistakes that can get you hacked below.

Many of us are still using the same password across many different accounts. While it's pretty common, it's not a good habit to have. If you're reusing passwords for multiple websites and accounts, a hacker could potentially use that password to log into those accounts. Nobody wants to have to remember a 16-digit password for every single one of their accounts, especially when getting locked out of a computer or platform at the most inconvenient time. But if a security breach were to happen, that's one less problem to worry about. Like, remembering which accounts are at risk of a threat.

Personal data exposure is really a thing. When you share personal information on social media, you expose yourself to the risk of identity theft and fraud. According to the New York Institute of Technology, Cybercriminals can use the information you share, such as your full name, date of birth, and location, to impersonate you or launch targeted attacks. Most people know that sharing sensitive information such as your car information, address, work history, or phone numbers can make you vulnerable. But some people forget that this information can also be identified through pictures and innocent as sharing your new car photo or your child's first day of school photo.

Hackers can use unsecured Wi-Fi connections to distribute malware. If you allow file-sharing across a network, the hacker can easily plant infected software on your computer. Free public Wi-Fi is available almost everywhere at places like restaurants, hotels, airports, bookstores, and even retail outlets. But public wi-fi comes with risks. "Hackers can also use an unsecured Wi-Fi connection to distribute malware. If you allow file-sharing across a network, the hacker can easily plant infected software on your computer," said Kaspersky, a tech company. Some people highly recommended looking into a VPN to encrypt internet traffic and keep your data hidden.

Clicking on a suspicious link or phishing link can sometimes set off a malware download that often contains malicious files. According to Aura, a credit monitoring platform, these links are capable of collecting information stored on your device. Hackers can steal credit card numbers, bank account numbers, usernames and passwords, and other personal information. If you’ve clicked on a phishing link, Cyber Tec Security suggest completely disconnecting from the internet.

The last thing many of us want to do is update our software. But there are many reasons why it's important to do so. Software updates not only fix and improve problems with your software it also helps you avoid hackers. According to the University of Idaho, software updates often include patches that fix vulnerabilities or bugs that hackers can exploit to access your system or data. "By installing the latest updates, you can reduce the risk of cyberattacks and protect your personal and business information," they said.

One of the most effective things you can do to protect your online accounts is turning on multi-factor, or two-factor, authentication for as many of your accounts as possible. This method often uses a piece of information such as a code generated by an app or sent to your phone alongside a password. Two-factor authentication adds an additional layer of security to the authentication process. According to Tech Target, using multi-factor authentication makes it harder for attackers to gain access to a person's devices or online accounts. Most companies have this in place for their employers but it's something you can use for personal emails too.