How to stay safe from the 'job offer' scam message

Facebook and email hacking have recently been at an all-time high, with Bangladeshis frequently falling victim to phishing and hacking attempts from malicious parties. One particular scam that has become common lately is the 'job offer' scam message, in which unknown phone numbers offer jobs or money to unsuspecting mobile phone users. 

If you have gotten an SMS or Facebook message recently that says something like: "Dear, you have passed the first round of interview. Join us to get 2000 TK," with a link attached, then be careful! You are the subject of a phishing scam. Follow the ways detailed below to stay safe from this ongoing scam.

I received a message like this. What should I do?

As per the official guideline by the Cyber Crime Investigation Cell of Bangladesh, there are a few things you should do as soon as you receive such an SMS.

1. Do not click the link.
2. Immediately delete the message.
3. Block the number the message came from.
4. If you have by chance clicked the link, do not share your Facebook or email username and password.
5. For future safety, keep two-factor authentication enabled in your account.
6. For additional safety, keep an additional email in your Facebook account for emergency account recovery.

How to enable two-factor authentication

Facebook's official Help Center has detailed guidelines on setting up two-factor authentication for your account. Here are the steps.

1. On your phone, click on your profile picture on the upper-right corner.
2. Click 'Settings & privacy'.
3. Click 'Settings'.
4. Click 'Accounts Center'.
5. Click 'Password and security'.
6. Click 'Two-factor authentication'.
7. You will be asked to re-enter your password. After doing so, click 'Continue'.
8. You will be asked to choose which security method you want to use for your two-factor authentication: security key method, login code method, or sms code method.
9. Using the 'security key method', Facebook will send you a security key on a compatible device whenever it detects a login attempt from a device it doesn't recognise.
   Using the 'login code method', Facebook will use third-party authentication apps such as Google Authenticator or LastPass to generate login codes.
   Using the 'sms code method', Facebook will send a text message to your mobile phone to confirm unrecognised logins.

If you have two-factor authentication enabled on your Facebook account, Facebook will always ask you to enter a special login code or confirm your login attempt anytime Facebook recognises someone accessing your account from a browser or mobile device it doesn't recognise. 

Setting two-factor authentication will also automatically enable you to get alerts in case anyone you don't recognise is trying to log in to your Facebook account.

How to set a recovery email in your Facebook account

Follow the steps below to set an additional email on your Facebook account. This additional email can be used to recover your Facebook account in case of emergency hack attacks.

1. Click on your profile picture and select 'Settings & privacy'.
2. Click 'Settings'.
3. Find the 'General' tab. Click 'Contact'.
4. Click 'Add another email or mobile number'. 
5. You will be asked to enter your email. After doing so, click 'Add'.
6. You may be asked to re-enter your Facebook password as well. After doing so, click 'Submit'. Click 'Close'.
7. A confirmation email will be sent to your new email address. Click the link on that email to complete the process.

In the modern day and age, our personal information is always at risk of being stolen by hackers and scammers. To stay ahead of such scams, maintain extreme precaution and don't click any suspicious links whenever you see them.