Beware of this 'Fǝœbook security' phishing

I have seen some of my friends' Facebook pages being hacked, or their accounts being compromised. One way hackers can get hold of your account details is through 'phishing'. Phishing is the fraudulent attempt to obtain sensitive information or data, such as usernames, passwords, credit card numbers, or other sensitive details, by impersonating a trustworthy entity in a digital communication.

Today I got one such phishing attempt on one of the pages I manage. I want to share how one can easily identify such phishing attempts and how one can safeguard oneself from such attacks.

Earlier today, I got a notification from 'Fǝœbook security identity policy' stating that my page had been reported by others for lying or fraud.

Curious, I opened the notification, which is shown below.

Right away, I knew that this was a phishing tactic. These hackers have also mentioned many other pages apart from my page.

Also notice the name 'Fǝœbook security identity policy': it is not 'Facebook' but 'Fǝœbook'. They have used characters that look similar to those in 'Facebook' to confuse people. Facebook also wouldn't allow people to use the name 'Facebook' on their profiles or pages.

Clicking the link given above takes me to a website (https://enough-to-wait-for-what-you.my.id/) that they have made to look like Facebook.

This is where the real phishing takes place.

If you mistakenly think the notification is from Facebook and type in your email/phone number and password, these details will go to the hackers. They will then be able to log into your account with them and take it over.

Here are some points to keep in mind.

  1. If your Facebook page is violating any rules, Facebook will directly message your page.
  2. Take note of the Facebook profile and ascertain the genuineness of the page. If it is an official Facebook page or profile, it will always have a blue tick.
  3. Don't click unknown links. Check the website address after clicking the link.
  4. In case you have given your details to such a phishing site, change your password immediately. Also consider changing the passwords of your email, financial services, etc. that use the same email address.
  5. Report the page/profile to Facebook. They will take it down eventually.
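
The two checks described above (look-alike characters in the sender's name, and the address of the site behind the link) can also be done by a program. The following Python is an added example, not part of the original post; the look-alike table and the list of official hosts are small constructed assumptions, not Facebook's or Unicode's own data.

```python
import unicodedata
from urllib.parse import urlsplit

BRAND = "facebook"
# Assumption for this example: the only hosts treated as genuine.
OFFICIAL_HOSTS = ("facebook.com",)
# Constructed, deliberately small look-alike table (not the Unicode confusables data).
LOOKALIKES = {
    "\u01dd": "a",   # turned e, used in place of "a" in the fake name
    "\u0259": "a",   # schwa, visually the same trick
    "\u0153": "ce",  # oe ligature, used in place of "ce"
    "\u0430": "a",   # Cyrillic a
    "\u0441": "c",   # Cyrillic es
    "\u0435": "e",   # Cyrillic ie
    "\u043e": "o",   # Cyrillic o
}

def skeleton(name: str) -> str:
    """Lower-case, strip accents, and replace known look-alike characters."""
    out = []
    for ch in unicodedata.normalize("NFKD", name.casefold()):
        if unicodedata.combining(ch):
            continue  # drop accent marks left over from decomposition
        out.append(LOOKALIKES.get(ch, ch))
    return "".join(out)

def spoofs_brand(display_name: str) -> bool:
    """True when the name reads as the brand only after look-alike folding."""
    plain = display_name.casefold()
    return BRAND in skeleton(display_name) and BRAND not in plain

def is_official_link(url: str) -> bool:
    """True only for https links to an official host or one of its subdomains."""
    parts = urlsplit(url)
    host = (parts.hostname or "").rstrip(".")
    if parts.scheme != "https":
        return False
    return any(host == d or host.endswith("." + d) for d in OFFICIAL_HOSTS)

if __name__ == "__main__":
    # Sender name and link taken from the notification described in this post.
    print(spoofs_brand("F\u01dd\u0153book security identity policy"))  # True
    print(is_official_link("https://enough-to-wait-for-what-you.my.id/"))  # False
```

Note that the host check compares the end of the hostname, so an address that merely starts with `facebook.com.` followed by another domain is rejected.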