Hackers Use Fake Facebook Profile to Spread Malware: 4 Ways to Spot Fake FB Account

Hackers are now using fake Facebook accounts to attack other users! Here are four ways to spot these impostors.

Facebook has reported that more than 10 percent of its 2.3 billion users are fake or duplicate accounts. These accounts are often created to promote new content or a separate identity from the real person. While this method of “fake Facebook” is effective for corporate marketing or celebrity fan pages, hackers have recently invaded the system.

A new strategy is being used where hackers send malware through messages and emails. Attackers would “earn your trust” with a bogus character claiming to be a real user.

Fortunately, Malwarefox listed four ways you use to spot fake Facebook accounts.

Four ways to spot a fake FB account

4. Check the profile picture

Genuine accounts often use real photos for their photo. Be careful when dealing with accounts that regularly change their “face” every week, celebrity photos, or no profile photos posted. To make sure that the profile picture is original, you can try using Google Image Search.

  • Save the profile picture of your suspicious account
  • Open Google and click on the camera icon for “Search by Image”.
  • Download the image and search
  • If you see an image match, then that person obviously took their profile picture from the Internet.

3. Read about the section

Facebook typically provides user details in their “About” section. The more details that are listed – like their address, educational background, and personal accomplishments – the more likely the person is to be genuine. On the other hand, fake accounts will not go into personal details and would choose to use incomplete information, such as simply putting their address as “New York” or their school as “Harvard University”.

2. Check the friends list

Genuine people would be connected with a lot of local people. This “friend list” should be long, with a variety of different people. In contrast, fake accounts can target “specific people”, such as being friends with so many people from the UAE or similar industries.

1. Check the name in URL and profile

When created, the Facebook account generates a unique URL to your account based on the name you provided. In comparison, fake Facebook accounts can have different names and URLs because these accounts are hacked. Malicious attackers may have changed their name and profile picture to dispel some suspicion about their account, but the URL will be leaked to their first given username.

Read also: The Clubhouse app data breach is scary! 5 steps to delete the app now

Hackers use fake Facebook profile to spread malware

ZDNet recently reported that a cyberespionage campaign attempted to steal information from U.S. defense contractors using this fake Facebook account strategy.

TA456, also known as tortoise shell, campaigned for a Facebook, Instagram and email account for the fake character “Marcella Flores”. After 18 months of social engineering, this account befriended US defense contractors and sent them a OneDrive link with a document or video file.

This file contained an updated version of the Lideric malware, which aimed to steal sensitive information such as username, passwords, and personal credentials. No information was provided as to whether the attack turned out to be a success.

Facebook users could take extra security measures to protect themselves by keeping in mind the talk about how to spot fake Facebook accounts.

Associated article: Mark Zuckerberg’s Facebook city concept unveiled: 1,729 apartments, supermarkets, hotels and more for Willow City