If victims follow the link on the page, they will next be taken to a second page that falsely claims that Facebook is now required to show users who has been viewing their profile. Victims are taken to a "security check" and told that they must generate an "age verification code" before proceeding:
Folllowed by this:
By pasting the "age verification" code as instructed, users are in fact giving the scammers access to their Facebook accounts, including their Friends list. The code is the victim's Facebook authentication token, which can then be used by the criminals to temporarily hijack the Facebook account. The compromised accounts are then used to distribute more of the same scam messages on Facebook.
Source. Via Hoax-Slayer.
No comments:
Post a Comment