Users or “pages” on Facebook are currently posting the following or similar posts in the comments:

"SHE'S CRAZY" - Screenshot Facebook comment

The link bodes nothing good. Behind it, as the preview image with the play symbol suggests, is supposedly a video. So why is she “crazy”? This is where you should set your curiosity aside and under no circumstances click on the link.

Why, what is happening?

If you click on this link, you will be taken to a page that informs you that the content is not suitable for young people.

Age-restricted content/screenshot

If you click on “Continue” here, another page opens in a new tab and tells you that a verification must be started to confirm your age. This is followed by yet another page in a new tab with a somewhat unusual prompt:

Screenshot copy/paste process

What you don't notice: a very small Facebook login window has already opened quietly in the background, hidden behind the newly opened pages. If you have saved your login data in your browser, you log in to your account in this window and at the same time transmit the data to the fraudsters. This is exactly what the listed key combination is intended for.

The special trick here is Ctrl + W, which transfers additional data in the URL, in this case the API key. With this, the fraudsters gain access to the account:

Screenshot URL / API key

“The green rectangle”

We are already familiar with this approach. Previously, however, it was designed so that you had to drag a green rectangle into your bookmarks bar. You can find our analysis HERE.

The result was the same: from that moment on, the scammers have full access to the Facebook account! Behind this is a so-called JavaScript, and the data and content it can reach cover almost all of the functions that are also listed in the Facebook API documentation.

So what does this mean for the victim?

Once you have activated the script, the fraudster or fraudsters have full access to:

  • all of the user's private data present in their profile. This includes, among other things, date of birth, telephone number, place of work, locations, family members, etc.
  • all status posts the user has ever written,
  • all pictures and videos,
  • all liked pages and groups.
  • In addition, the fraudster or fraudsters can also access all Facebook pages and groups where the user has admin rights.
  • In other words: it is possible to take over the entire profile as well as pages and groups!

But not only that!

The fraudster or fraudsters also have access to the victim's Messenger, so they can read all messages and could now send messages in your name.

If you also have an Instagram account and have linked it to your Facebook profile, the fraudsters will have access to it as well.

So if you have allowed the fraudsters access, they can carry out the same actions as the victim themselves! 


Notes:
1) This content reflects the current state of affairs at the time of publication. The reproduction of individual images, screenshots, embeds or video sequences serves to discuss the topic.
2) Individual contributions were created through the use of machine assistance and were carefully checked by the Mimikama editorial team before publication.