You’re scrolling through your Facebook feed when you suddenly receive a notification from a stranger tagging you in a video post with a link. Curious about what it’s all about, you click the link. But there’s no video. Instead, you exposed yourself to malware that might be able to steal your personal information.
These scams are called Facebook malicious tagging, and there are incidents when these scams go around and spread all over Facebook, affecting thousands of users. While Facebook actively tries to stop and prevent these incidents, there are measures that you can also do now to protect your account from malicious tagging and keep your data secure.
What is Facebook malicious tagging?
Facebook malicious tagging happens when users get tagged on a suspicious post with an external link, which when clicked may lead to hacking or phishing incidents. These links are designed to entice and catch your attention.
In one incident, it was a link to a supposed adult video. In another, it was a link to a supposed incriminating video of you, captioned “Is this YOU?”. When you click the link, you will be asked to download a Flash Player update in order to watch the video.
What you’ll be downloading instead would be some type of phishing malware, which may get a hold of your personal information and take control over your account. The Facebook tagging malware may then use your account to further spread itself across the site.
Most affected users reported that the malicious tags came from strangers and non-Facebook friends. But there were also incidents where users were tagged by their Facebook friends without the friend’s knowledge.
What do I do if I’ve been tagged on a malicious post?
When you receive a notification tagging you on a suspicious post, the first thing to do is to not click the link, no matter how enticing the link may be. You will be safe as long as you stay away from the link. Here’s what you can do when you’ve been tagged on a malicious post.
Remove your tag
On the upper right-hand corner of the post, click the ellipsis icon and choose “Remove Tag”. You will no longer be tagged on the post, but it may still appear in other places across Facebook, especially if other people are also tagged on the post.
Report the post as spam
On the upper right-hand corner of the post, click the ellipsis icon and choose “Report Post.” From the pop-up window, select “Spam” and click Submit. If Facebook recognizes the post as spam, they will delete the post and enact further action.
Inform your friend who tagged you
If you were tagged on the malicious post by someone you know, their Facebook account may be compromised. Message them to let them know about the incident so they can do certain measures to secure their account.
3 ways to protect your Facebook account from malicious tagging
Prevention is always key. Here are steps you can take on how to avoid Facebook malicious tagging and keep your account secure
#1 Be wary and informed.
To avoid clicking on malicious links, you must learn the signs to look out for to know whether a post is suspicious. Look out for the following signs when you’ve been tagged on a post:
It is from someone you don’t know. Or if it is from a friend, it is unlike what they usually post.
It is clickbait-y. Scams appeal to your emotions to get you to fall for them. If the post sounds too sensational and shocking, it’s probably a scam and potentially dangerous.
The link is shortened or unfamiliar. Scammers use link shorteners and other services to disguise their malicious links. If you don’t recognize the destination of the link, don’t click it.
There are several people tagged on the post. Phishing scams like to target multiple people at once, so if there are several people tagged who you don’t recognize, it may be the Facebook tagging malware.
#2 Prevent strangers from tagging you.
On Facebook, go to your Account settings, and click Notifications. Under “What Notifications You Receive”, go to Tags. Under “Get notifications when you get tagged by:”, select “Friends”. Now, you will no longer be notified when strangers tag you on Facebook.
#3 Strengthen your security settings.
There are certain measures that you can take to secure your Facebook account and make it more difficult for scammers and hackers to access it.
You can strengthen your password, or you can turn on Two-Factor Authentication, which will ask for a code if Facebook sees an attempted login from an unrecognized device. You can also turn on alerts to get notified if someone logs in to your account from an unrecognized place.
Keep your Facebook account protected from malicious tagging by staying vigilant and securing your account with the tips we provided above. But most importantly, don’t click that link.