A scam is tearing through the Facebook messenger inboxes, collecting login details and private information from unsuspecting victims.
Tasmanian Ian Jones, of Burnie, said he was "sucked in" by the scam over the weekend after thoughtlessly clicking on a link sent by a friend.
"So the message said something like, this is you in this video," he said.
"As I'm in a lot of videos, I didn't think it was anything unusual."
He said the link had then asked him to fill out his Facebook login details.
"My brain was telling me something was wrong but I just kept going," he said.
"I got caught because it was a good friend of mine. I'd actually just been watching TV, laying back and relaxing and saw this thing pop up - bang, got me."
He said he had spent much of the weekend fielding calls and messages from contacts all over the world after the scammers got access to his friend list and sent the same message to them all.
"When things come through email I don't get tricked there, but when it comes from a friend you know you've got the trust level there," he said.
"I've been busy changing all my passwords to everything I can think of."
SPOTTING A SCAM
Wynyard Waterfront Hotel owner Justin McErlain, on Tasmania's north west coast, has a background in software and IT, and said it he had seen the deceptive messages floating around among his contacts.
"Scams are a lot more widespread than they were," he said.
"Especially during the pandemic, because people are online all the time so they're very much a target for these things.
"It's almost like a honey trap. It looks good and someone you know sends you the link."
He said there were a few ways people could protect themself and spot a scam.
"Don't click on anything you don't recognise," he said.
"If it seems unusual to come from that person, don't click on it.
"Have up-to-date antivirus software, and thirdly, if you need more protection you can buy anti encryption software."
He said it was also important to remember banks and software companies never send you messages asking you to fill out your password details.
"In this case, Facebook has no reason to ask you to fill out your password, you're already logged in," he said.
"Ultimately what they're after is money ... often they'll install software to record your computer or they'll encrypt your hard drive and then charge money for access."
TIPS AND TRICKS
Mr McErlain said Mr Jones had done the right thing in changing his passwords quickly once he knew he his security had been compromised.
"Change your passwords to everything you can think of and advise people that you've been hacked," he said.
"Having up-to-date software is very important, and you should regularly be changing your main passwords."
He said it was a good idea to store passwords in a paper notebook.
"A lesson from a long time was to never write your passwords down because someone will steal it," he said.
"That's never going to happen, it's always done electronically.
"It's impossible to hack a notebook. Just keep a plain, run-of-the-mill book on hand."