Copyright violations are a big deal — and most social media sites heavily enforce them. If you post a copyrighted video or song to YouTube, for example, all it takes is a quick report from the license-holder and your content gets removed instantly.
Unfortunately, not all copyrighted content is enforced evenly. Some companies are serious about protecting their intellectual property while others couldn’t care less. Tap or click here to see an extension that will read fine print copyright “gotchas” for you.
People tend to take copyright violations seriously because the law is involved. That’s why scammers are using fake copyright alerts to trick people into handing over their data. If you get one of these alerts on Facebook, be careful — the scammers behind it will try to take your password and two-factor authentication code!
Legal trouble or a bogus alert?
According to Sophos Labs, a new type of scam is spreading on Facebook that uses fake copyright violations to trick people into sharing passwords, phone numbers and 2FA codes. It’s a high-effort scheme with realistic-looking login pages and emails — but a closer look will show you the whole thing is bogus.
Here’s how it works: Scammers contact you by email to let you know that content you posted to Facebook violated copyright. There will also be a threat to unpublish your profile if you don’t comply.
If you click continue, you’ll be redirected to a real Facebook page associated with the scammers. This page will have a link to a copyright appeal form that looks like another Facebook link.
But unlike the first page, this one isn’t on Facebook at all. Instead, you end up on a phishing site that asks for information like your name, phone number and Facebook password. You’ll be asked to enter it twice for confirmation.
The next step is by far the most concerning: The website asks you to enter a code you’ll receive by text message to confirm your appeal. In case you hadn’t guessed, this is your 2FA code. That’s right, the scammers are trying to bypass your account security!
This is a serious phishing campaign with more effort put into it than usual. Because copyright complaints are a real thing people deal with all the time, people across the web can easily fall for this tactic.
But now that you know the truth, you can spot the scam before it has a chance to trick you.
What should I do if I get this? What happens if I fell for it?
Sophos Labs has a few words of advice to Facebook users with concerns about this scam. If you follow these steps, your account will be much safer:
- Check the email sender: This is one of the easiest red flags to spot with any scam. Simply look at the email address of the person who sent you the email and match it with who they claim to be. In the example above, the sender email isn’t from Facebook.com at all.
- Check the address bar: Just like with the sender field, your address bar can clue you in to whether or not you’re on a fake website. If the site looks like Facebook but the address bar doesn’t match, get away as fast as you can.
- Forward any Facebook phishing emails to email@example.com. This lets Facebook investigate the domain so it can be shut down.
- Never click links sent to you by email: Be suspicious of any unusual links in email — even if someone you know sent it to you. If you click a link from an email and end up needing to log in, this is 100% a red flag for phishing.
Because this scheme can bypass 2FA, the best way to stay safe is to avoid the scam in the first place. If you make the mistake of falling for it, change your Facebook password immediately.
- On Facebook desktop, click on the account button found at the top right corner.
- Select Settings & Privacy, followed by Settings.
- Click Security and Login.
- Click Edit next to Change password.
- Enter your current password and new password.
- Click Save Changes.
Scammers are getting better at disguising themselves, which means all of us need to be extra careful when checking emails. One small mistake can lead to lost money, stolen data and hijacked accounts. If you don’t want to see your Facebook page for sale on the Dark Web, stay vigilant.