We already know enough about profile viewers on Facebook! But we have not yet seen what we have analyzed here in this form.

It should already be known that so-called “profile viewers” ​​on Facebook are up to no good. However, there are always users who fall for this nasty trick. It is usually the curiosity of the user that causes them to click on a profile viewer post, because many people want to know who has visited their own Facebook profile.

In most cases, the user is redirected to a replica Facebook login page where they have to log in again with their Facebook account details. A lot of users fall into this trap again and again, because from the moment the data is entered, it is sent 1:1 to the fraudsters, who can essentially take over the profile at the end!

Not so in this case!

With this variant there is no replica Facebook login page, but the interface to the respective Facebook profile is opened here. This is done with a script that the user triggers himself.

[mk_ad]

How can one fall into this trap?

Users are currently posting the following or similar posts in the comments:

Screenshot / Facebook / Comment
Screenshot / Facebook / Comment

If you follow the “10 facts…” you will end up on a website called “InstaFace”. Even if it looks like it came from Facebook, it didn't come from Facebook, but from scammers. Apparently there was a technical error and it is now possible to access information on your profile page and the photos. You can now check whether this is also available for your own profile.

Screenshot of the fake Facebook page
Screenshot of the fake Facebook page

If you click on “CONTINUE” again, you have to drag a green rectangle into your “bookmarks bar” in the browser.

Screenshot of website designed by scammers
Screenshot of website designed by scammers

But be careful!

From this moment on, the scammers have full access to the Facebook account! Behind this is a so-called “JAVASCRIPT” and this data and content includes almost all of the functions that are also included in the Facebook API documentation .

So what does this mean for the victim?

Once you have activated the script, the fraudster or fraudsters have full access to:

  • all the user's private data present in their profile. This includes, among other things, date of birth, telephone number, place of work, locations, family members, etc.
  • to all status posts the user has ever written,
  • on all pictures and videos,
  • on all liked pages and groups.
  • In addition, the fraudster or fraudsters can also access all Facebook pages and Facebook groups where the user has admin rights.
  • In other words: It is therefore possible to take over the entire profile as well as pages and groups!

But not only that!

The fraudster or fraudsters also have access to the victim's messenger, so you can read all messages or the fraudsters could now send messages in your name.

[mk_ad]

If you also have Instagram account and linked it to your Facebook profile, then the fraudsters will also have access to it.

So if you have allowed the fraudsters access, they can carry out the same actions as the victim themselves! 

Here you can find all research reports on the topic of “ Profile Viewer on Facebook ”.

 

Sign up for the Mimikama newsletter

Notes:
1) This content reflects the current state of affairs at the time of publication. The reproduction of individual images, screenshots, embeds or video sequences serves to discuss the topic. 2) Individual contributions were created through the use of machine assistance and were carefully checked by the Mimikama editorial team before publication. ( Reason )