Skip to Content
Old Facebook Messenger phishing scam returns
© Fizkes |
Security & privacy

If you see these 4 words on Facebook Messenger, don’t click

Meta’s Facebook is undoubtedly the largest social media platform globally, and its Messenger is used by more than 900 million people a month. That is an awful lot of messages, but unfortunately, not all of them are friendly conversations. Tap or click here to use Messenger without a Facebook account.

As with phishing emails and scam text messages, Messenger is often the preferred way for criminals to find new victims. Whether it is to steal money or personal details, the more victims they entrap, the more profits they make.

It can be so lucrative that criminals reuse old scams in new ways. Read on for one such Messenger trick that is making the rounds again.

Here’s the backstory

About a year ago, millions of Facebook users received strange messages supposedly from online friends. It asked a simple question but hid a dark secret. The message read, “Is this you?” and attached a link to a video.

But the URL had been processed through a link shortening service to give the illusion that it’s a video. When you click on it, nothing will play. It instead opens a webpage with a fake Facebook login screen. If you attempted to sign in, criminals captured your details and can hijack your account.

The scam seemingly died down after a few weeks, but it has again made its appearance this week in a slightly altered form. Instead of asking the previous question, it now wants to entice potential victims with an intriguing statement.

“Look what I found” is the only sentence sent through Facebook Messenger, and it once again includes a link. According to Metro, the link is similar to before, redirecting you to a fake Facebook login page. That’s where criminals gather your login details and, in some cases, can install malware on your device.

What you can do about it

The best weapon in your arsenal for staying safe is to be aware of all the scams criminals employ. Even if the message comes from a trusted friend, their profile has likely been hacked, which is why you received it.

Here are some tips on staying protected from phishing schemes like this:

  • Never click on a link or download an attachment from an unsolicited email or message on Facebook Messenger. If a friend does send you something, give them a call to make sure they really sent it.
  • Set up two-factor authentication (2FA) on all accounts that offer it, including social media and banking sites. The added security method dramatically reduces your chances of being hacked, as you must verify any login attempts manually.
  • Have trustworthy antivirus software on all your devices. We recommend our sponsor, TotalAV. Right now, get an annual plan of TotalAV Internet Security for only $19 at That’s over 85% off the regular price!

Keep reading

This Facebook scam has tricked half a million people – Here’s the giveaway

End-to-end encryption comes to Facebook Messenger – Here’s how to enable it

Ask me your digital question!

Navigating the digital world can be intimidating and sometimes downright daunting. Let me help! Reach out today to ask your digital question. You might even be on my show!

Ask Me