tl;dr
Watch for Facebook Messenger scams claiming that a friend has found compromising videos or photos of you that you should review. The messages are designed to trick you into giving your Facebook login details to criminals.
Overview
A long-running scam tactic used by Facebook account hijackers continues to gain new victims.
The scam messages claim that a friend has found videos or photos of you that you need to look at. The messages, which come from the accounts of Facebook friends that have already fallen for the scam, often imply that the photos or videos are compromising in some way.
Designed to Panic You Into Clicking
They are designed to trick you into clicking a link without giving it too much thought. The scammers hope that you might be panicked into quickly clicking because you mistakenly believe that private or embarrassing material about you has been published online.
The scams, which sometimes include a blurred image or video screenshot, have text such as the following:
Look what I’ve found
Who posted your photo here? 🙁
I can’t believe it’s you
You are in this video
OMG is this you? 🙁
There are many other variations.
Links Open Fake Facebook Login Page
If you do click, you will be taken to a fraudulent website that claims that you must enter your Facebook login details to see the content. Scammers can steal the login credentials you enter and hijack your Facebook account.
Once they have gained access, they can then send the same scam message to your friends. They can also use the compromised accounts to spread further scam and spam messages in your name.
If one of these messages appears in your Messenger inbox, don’t click on it! If possible, inform the person whose account the scam message came from that their account is being misused.
What To Do if You Have Already Given Your Login Details
If you have already clicked and entered your login details, you will need to take steps to secure your account as quickly as possible.
First, see if you can still log in to Facebook with your existing credentials. (You may already be logged in.)
If you can log in, or you are already logged in, jump into your security settings and change your password immediately. Then, click “Log out of all sessions” and log in again with your new password.
There are plenty of other types of scams on Facebook, but this one is especially insidious because the scam messages do actually come from the accounts of people that you know and trust, so you might be more likely to click without due caution.
Thanks! I remember this one from over a decade ago
This is a nasty and dangerous one!