Messages sent via Facebook’s private messaging system ask if “you are in this video?”, “this is your video?”, or similar video related questions. The messages, which come from accounts that belong to your Facebook friends, include a link that supposedly opens the video being discussed.
The messages are scams designed to steal your Facebook account login details or trick you into installing malware. The messages are sent from Facebook accounts that have been compromised by criminals and used to launch spam and scam campaigns. If you get one of these messages from a Facebook friend, it most likely means that your friend’s account has been hijacked.
If you click the link in one of these messages, you may be taken to a fraudulent website that has been designed to look like a Facebook login page. A message on the site will claim that you must log in before you can see the video. In reality, there is no video. If you enter your Facebook email address and password on the fake site, criminals can collect the information and use it to hijack your Facebook account. They can then use your account to send the same scam messages to all of your friends.
Alternatively, clicking the link may take you to a website that harbours malware. Once on the site, you may be tricked into downloading and installing the malware on your computer or device.
In fact, these messages are just the latest in a series of very similar attacks that have targeted Facebook users for years. Several earlier versions have used the “is this you in the video” ruse to trick people into relinquishing control of their Facebook accounts or installing malware. Other variants of the scam messages falsely claim that the sender has seen you in a photo rather than a video.
If you receive one of these messages, do not click any links that it contains. And, try to let the friend that owns the account that the message came from know that his or her account may have been compromised.