Urgent Warning to Facebook Users: The "I Can't Believe He's Gone" Scam

There’s a new scam on Facebook that is picking up steam called the “I Can’t Believe He’s Gone” scam.  This scam post is sometimes accompanied with a fake news article (e.g. traffic accident) or just a link.  The phrasing is designed to create curiosity and entice users to click on the link, which leads to malware.

If you have been with us for any amount of time, you know that we advocate for “Stop, Think, then Click '' on everything and anything on the internet.  Especially, when something evokes emotion, which is how these scammers use psychological tricks to fool you into clicking.

The “I Can’t Believe He’s Gone” text and accompanying link is often posted by a hacked Facebook account.  Typically, it’s someone you trust and know, which helps fool lots of people into the scam.  Hopefully, you will have noticed that this type of posting is out of character for your friend who has been hacked.  With the practice of “Stop, Think, then Click”, you probably noticed (without clicking) that the link takes you to an unfamiliar website or source.  This is a huge red flag and if you follow the practices we teach, you know to stay clear of links to unknown and unfamiliar websites.

Both Anne and Ryan have come across this scam in the wild.  It seems to accompany a shocking news piece about a traffic accident, sparking immediate curiosity and concern. This emotional response is why the scam is so successful.  Most people will click the link right away.

Apparently, when clicked, the user is redirected through multiple sites, a technique designed to gather personal information to better deceive the user with an attack. This process, known as 'fingerprinting,' collects data about your browser. The attacker’s goal is likely to redirect the user to spoofed (fake) websites resembling websites that the victim is familiar with.  This could be spoofed (fake) news outlets and banking websites.  The goal is to steal login credentials, personal information or trick the user into installing malware.

If you’ve clicked a malicious link, then it’s important that you take immediate action.  Here are some things that you can do:

1) Close the browser immediately. 

If you’re in a situation where clicking close on the browser opens more pop-ups, consider using keyboard shortcuts to force close the browser.  On Windows, use Ctrl+Alt+Delete to force close applications. On Mac, Option+Command+Escape performs a similar function.

2) Scan your system for malware.

3) Consider updating your passwords and enabling two-factor authentication.

4) Monitor your accounts for suspicious activity.

In cases of a severe breach of your computer, devices or information, contact your bank and credit cards to temporarily freeze your accounts.  Let them know the situation so they can thwart any impersonation attacks on your financial institution.  At this point, it would be prudent to monitor your credit to watch for any suspicious activity.  Another consideration would be to employ professional help from a trusted computer repair shop to ensure your devices are free of malware.

In closing, you are your first line of defense when it comes to avoiding these situations. By practicing “Stop, Think, then Click”, you can hopefully avoid a lot of these situations.   Always be proactive in your digital interactions to avoid scams, phishing and malware.