Keep an Eye Out For the “Look Who Died” Messenger Hack

Bojan Jovanovic

Updated: July 14, 2023

SHARE:

If you have a Facebook account, you may have recently received a message from one of your friends with the subject line “Look who died.” The message includes a link to a fake news article about the death of someone you know. Don’t click on the link. 

This is not a legitimate news story – it’s actually a phishing scam that can steal your login information or install malware on your device. In this article, we’ll tell you what to do if you were exposed to the “Look who died” messenger hack and which steps you can take to protect your account. 

What Is the “Look Who Died” Messenger Hack?

Many of us keep sensitive data on our Facebook profiles, such as photos and Messenger conversations with our friends and family. Some people also use it for shopping or advertising, so a lot of personal information can be gathered about each user. 

For this reason, hackers are determined to gain access to this information, so they can use it themselves or sell it to someone else. One such attempt is the “Look who died” messenger hack. 

This is a large-scale scam that, unlike targeted attacks such as spear phishing, aims to affect as many people as possible. It works by sending a malicious link to the victim with the message “Look who died.” The message is typically sent from another friend’s profile that was previously infected with this virus. 

Usually, after the person clicks on the link and logs in with their Facebook credentials, both their username and password are stolen, and their device is infected with malware. Later, this profile will spread the same link and message without the account owner’s knowledge, as seen in many recent Facebook scams. To better understand the issue, we’ll tell you a little bit about phishing first. 

What Is Phishing? 

Phishing is a form of cybercrime that uses deception to collect sensitive information such as passwords, banking information, or other important data from the victims. This form of social engineering is mainly done via email, SMS (smishing), and phone calls.

With the growing popularity of social media, phishing also found its place on platforms such as Facebook, TikTot, Twitter, and Instagram.

But how does it work? The attacker usually sends a malicious link to the unsuspecting victim, typically impersonating someone they know. If the victim opens the message and clicks on the link, they are usually prompted to log in with their email or password.

The web page is fake, but it’s created as a convincing replica. Since the message is designed to evoke a sense of urgency,  the victims are often in a hurry to check what’s on the link without giving it proper scrutiny. Once they’ve logged in, the attacker will obtain their username and password.

It’s important to know that many of the latest Facebook scams, such as “Is this you on the video?” or “Did you make this video?” often have the same pattern. They are designed to trick you into handing out your login information and infecting your device to spread the malware even more. 

In many cases, apart from recovering your account, you’ll also have to scan your device for malware with a good antivirus solution to remove the threat entirely. 

Things to Do if You Fell Prey to This Scam

So, you got a message from your friend suggesting that someone you may know has died. You instantly want to know who that person is, hoping the bad news isn’t true. The page asks you to log in to your Facebook, which is what you do because at this moment you’re not thinking that this might be a scam. 

When you get to that page, there’s no word about anyone you know being dead. Instead, you’ve just become a phishing victim. By this time, your login information is known to the attacker. Your computer is likely infected with malware and might be sending out the same message to the rest of your friends.

So, what should you do if you fell for the “Look who died” Facebook message? 

1. Firstly, make sure you’re not locked out of your account. If your password hasn’t been changed, there are things you can do to mitigate the damage. To start, immediately change the password yourself, so the hacker can no longer log into your account. 
2. After you’ve changed your password, report this problem to Facebook. This is important because the company is constantly tracking activities like this, and reports can help Facebook eliminate it and stop it from happening to someone else. 
3. Head to security settings and log out of any locations or devices you don’t recognize. You can do that by clicking on the menu and choosing “not you?”
4. Do the same with apps. Any websites or apps that have permission to access your Facebook account should be reviewed. If there are any that you don’t recognize, remove them.
5. When you go to general settings, make sure to check the email addresses linked to your account. If there are any unknown ones, remove them as well. 
6. If you don’t have two-factor authentication, turn it on. This is an essential security measure for any online account you have these days, not just the one on Facebook. With two-factor authentication, you will be notified of each login attempt and only be able to log in with the information that you’ve received through SMS or an email.
7. Lastly, just in case, change your email password. Your email is the most important pillar in terms of your personal cybersecurity. Having multiple accounts compromised is far more likely if you lose access to your primary email address.
8. Scan your device using anti-malware software. Even if you think your messenger isn’t hacked, signs like your friends telling you they received strange links from you shouldn’t be ignored. 

In case this happens to you, you’ll need to act fast and try to secure your account as soon as possible. However, if your account hasn’t been hacked before, let’s see how we can keep it that way while on Facebook.

Working On Prevention: Staying Safe On Facebook 

If you’ve recently become a victim of the “Look who died” messenger scam, or you just want to know how you can remain safe on Facebook, read on for tips on preventing hackers from compromising your Facebook account. 

• Set a strong password. Your password should never include your birthday, address, name, or phone number. Attackers can easily crack it if they know some basic information about you. Make sure that it is at least six characters long, and use punctuation marks, symbols, lowercase and uppercase letters, and numbers. Don’t use common words, and change your password every once in a while. Remember, never use one password for multiple accounts.
• Make sure you’re using the correct URL. If you want to log in from a browser, the Facebook URL needs to be https://www.facebook.com. If the shown address has double “f” or any other variation, it’s probably fake. Instead of following the link, just type in the legitimate Facebook URL yourself. 
• Don’t fall for fake login prompts. If you’re already using a Facebook app and you’re prompted to log in, don’t fall for it. You’re already logged in, and you’re using the app; Facebook wouldn’t ask you to log in again. 
• Never click on suspicious links. Facebook scams start with messages in most cases. If your Facebook friend sends you a link that seems unusual, instead of clicking on it, contact them outside of Facebook and ask about it. This way, you’ll know if they really wanted to share something or if they became a victim of cybercrime. 

These tips are useful for general internet use, not only for Facebook. Always use a strong password, check every suspicious URL you run into, and never click on shady links. 

Bottom Line 

Facebook is one of the most popular social media platforms, with over two billion users. That’s why it became a target for scammers and hackers, and the “Look who died” scam is surely not the only one to watch out for. If you want to ensure you and your data are safe, be extra careful about the links you click on and always use a strong password. 

If you think your account might have been hacked, follow the steps we shared with you in this article. Remember, before clicking on something on Facebook, make sure to check if it’s a legitimate link or not.