“Look What I Found!” Facebook Messenger Scam

By now we have all been hit by the “Look what I found” scam or the “Is this you in this video” – either by a friend telling us we sent them the message or a friend sending us this message.

First things firsts: Do not click on the link in this message!!!

You and your friend have not been hacked per se, but you have unknowingly given access to a Facebook app or a a website and given it permission send messages or post to your timeline. It is the app or website that has been compromised.

The biggest culprits are apps such as Nametests, BAM or WOW where your data can be compromised on their servers. These posts will look like this in your newsfeed.

The biggest culprits are apps such as Nametests, BAM or WOW where your data can be compromised on their servers. These posts will look like this in your newsfeed.

First thing to do immediately is change your facebook password.

How to change your Facebook password

To change your password on Facebook if you’re already logged in:

1. Scroll to the bottom of Facebook and tap Settings and privacy.
2. Below Security tap Security and login.
3. Tap Change password.
4. Type your current and new password and re-type new password, then tap Save Changes.

If you’re logged in but have forgotten your password, follow the steps under Change your password, then tap Forgotten password? and follow the steps to reset it. Bear in mind that you’ll need access to the email associated with your account.Reset your passwordTo reset your password if you’re not logged in to Facebook:

1. Click Forgotten password?.
2. Type the email address, mobile phone number, full name or username associated with your account, then click Search.
3. Follow the on-screen instructions.

For security reasons, you won’t be able to use the same mobile phone number that you use for two-factor authentication to help you reset your password. You’ll need to have a different mobile phone number or email address added to your account to reset your password if you ever need to.If you’re still having trouble, we can help you recover your account.Other useful resources

• Learn about what you can do if you think that your account has been hacked or taken over.
• Learn about what to do if you can’t reset your Facebook password because you can’t access the email address or mobile phone number on your account.

Facebook 2 Factor Authentication

Once you have changed your password you can also enable another security feature Two Factor Authentication (2FA).

Two-factor authentication is a security feature that helps protect your Facebook account in addition to your password. If you set up two-factor authentication, you’ll be asked to enter a special login code or confirm your login attempt each time someone tries accessing Facebook from a browser or mobile device that we don’t recognise. You can also get alerts when someone tries logging in from a browser or mobile device that we don’t recognise.To turn on or manage two-factor authentication:

1. Go to your Security and login settings.
2. Scroll down to Use two-factor authentication and click Edit.
3. Choose the security method that you want to add and follow the on-screen instructions.

When you set up two-factor authentication on Facebook, you’ll be asked to choose one of three security methods:

• Tapping your security key on a compatible device.
• Login codes from a third-party authentication app.
• Text message (SMS) codes from your mobile phone.

Other useful resources

• If you haven’t saved the browser or mobile device that you’re using, you’ll be asked to do so when you turn on two-factor authentication. This way, you won’t have to enter a security code when you log in again. Don’t click Save this browser if you’re using a public computer that other people can access (e.g. a library computer).
• We need to be able to remember your computer and browser information so that we can recognise it the next time you log in. Some browser features block this. If you’ve turned on private browsing or set up your browser to clear your history every time it closes, you might have to enter a code every time you log in. Learn more.
• To set up text message (SMS) two-factor authentication, you can either use a mobile number that’s already been added to your account or add a new number. Learn more about how Facebook uses a mobile number added for two-factor authentication.
• Learn about what you can do if you turned on two-factor authentication but are now having trouble with logging in.

Removing Apps and Websites on Facebook

The very first time you click on an app from your newsfeed, you give it permissions. Most people just click haphazardly unknowingly giving the app permissions to post to their newsfeed or send private messages. And in a busy world, it is quite easy to forget you ever did this.

These popular set of apps and games that are spreading like wildfire among Facebook users, and you should know that using one of them could put your personal information at risk.

My advice is although these are fun, it is best to steer clear of these games on Facebook. Only use legitimate apps and websites and be aware to who and what permissions you are giving.

To remove an app or game you’ve added:

1. Click  in the top right of Facebook.
2. Select Settings & privacy, then click Settings.
3. In the menu on the left-hand side, click Apps and websites.
4. Go to the app or website that you want to remove, then next to the name of the app or website, click Remove.
5. You may select these options:
   • Delete posts, videos or events [app or website] posted on your timeline.
   • Allow Facebook to notify [app or website] that your login connection was removed. They may offer you another way to log in.
6. Click Remove again to confirm.

If you connected accounts with an app or website such as a loyalty programme or news subscription, you can choose to remove each individual connection. Click Remove next to the connected account to remove it.Once you’ve removed the app or game, it should no longer post to your timeline. If you still see a past post, you can remove it. Note: The app or game may have stored info from when you were using it, but you can contact the developer to ask that they delete any info they may still have.

See where you are logged into Facebook

You can manage where you’re logged in to Facebook in Security and login settings. The Where you’re logged in section lists where you’re currently logged in. Each entry includes a date, time, location and device type. To log out of Facebook on another computer, phone or tablet:

1. Go to your Security and login settings.
2. Go to the section Where you’re logged in. You may have to click See more to see all of the sessions where you’re logged in.
3. Find the session you want to end. Click and then click Log Out.

Clicking Log Out will immediately log you out of Facebook on that device.

Virus Scan and Malware check your computer

Lastly, run a full virus scan using your virus scanner and you can also use MalwareBytes to check for malware.

Keep Safe

Please stay vigilant with your Facebook security and please ask me questions if unsure. Or use your go go Google fingers.