Another type of scam has been circulating social media as of late, which has been dubbed the “Look Who Died” Scam. This one appears to currently be targeting Facebook users, but it is possible that it may spread to other social media that have instant messaging services.
What is the Look Who Died Scam?
The Look Who Died Scam is, at its core, a relatively straightforward type of scam that takes place over an instant messaging service. Victims receive a message from someone that says something along the lines of “Hey, look who died, I think you knew them, I’m so sorry”, often with crying emojis, as well as a link.
Now, one would assume that this link either goes to an obituary page or a news article, but it is actually a malicious link. The attacker is hoping to trick the victim into clicking the link out of shock. After all, hearing that someone you knew might’ve died is alarming and would catch people off guard.
What makes this scam more believable is that this message often comes from someone that appears to be one of your friends (although it is possible that it could come from a stranger). This is done in one of two ways. The first way is that the attacker makes an account and simply copies the profile picture and name of your actual friend. They would then find you on your actual friend’s friend list and make you one of their targets.
The second is a bit more alarming. It is a possibility that, by clicking on the link, you may have your account information (your username, email, and password) stolen by the attacker (more on this below). They can then log into your actual account and target your friends. This makes the attack even more believable; after all, if your friend is sending you this message and it is actually their account and not a fake, you’re more inclined to believe it is real.
What Happens if I Click the Link?
As of writing this article, the author is not completely sure as to what exactly happens when you click the link; however, a general idea can be provided. When you click the link, there are three possibilities that occur.
The first is that the link is a phishing attempt. This means that, after clicking on the link, you will be taken to some sort of login page and asked to log in. Once you “log in”, however, your information- your username, password, and email- is sent directly to the attacker. They can then log into your account and take it over, even going as far as changing your password and locking you out of it.
The second is that the link takes you to a website that tries to install malware on your device. These downloads tend to happen automatically, and sometimes without us even realizing; this is why clicking on dangerous links is never a good idea, even if you just want to see where they go. In some cases, this is known as a drive-by-download (since, as you “drive by” the website, malware is downloaded onto your device). This malware could then monitor your device and steal even more of your information (for example, if you logged into your bank account, the malware could capture your username and password and send it back to the attacker).
The third is, essentially, a combination of the first. It is entirely possible that the website will not only try to steal your login credentials, but also install malware onto your machine to steal even more of your information.
All three of these possibilities are bad. Thus, do not click on the link! If you do happen to click on the link, make sure to monitor your bank account vigilantly. If you notice any suspicious activity, notify your bank immediately. Change your passwords and avoid logging in to any accounts on your device for a while.
How Do I Keep Myself Safe?
Keeping yourself safe from this attack generally takes a few simple steps. The first and most important is to never click any links if you are unsure of where they lead. This is the easiest way to avoid this scam; if you don’t click the link, then you basically avoid all of the risks.
Another way to keep yourself safe from this attack is to not accept friend requests if you don’t know who the person is. Sure, it may be tempting to have as many friends as possible on social media, but by accepting every friend request that comes your way, you open yourself up to these types of attacks (and possibly others).
Further, it is important to take a moment before making a decision. Hearing news that someone you knew has passed away is shocking, so you’d want to find out who it was. But, before doing anything, it is important to take a moment to pause and ask yourself a couple questions: “why didn’t they send me their name?”; “why doesn’t the link look like its from a news website?”; “why is their message so vague?”. By asking yourself at least these three questions, it can help you readjust your focus and realize that the message is most likely a scam.
To take this a step further, reporting the message (or even the account) as a phishing/scam attempt is also a good idea, as it can either lead to a fake account being taken down or help your actual friend gain access back to their account.
Finally, make sure you have antivirus software, such as AVG, Malwarebytes, or Norton, on your device and keep it up to date. That way, if you do fall victim to this sort of attack and it does install malware on your device, the antivirus software may catch it before it can do anything harmful.
The H.A.C.K.E.R. Project 
Leave a comment