Yesterday I appeared to receive a message on Facebook from a cousin. ‘She’ was asking weather an award from Costco was legitimate, and there was a link. I replied that it’s certainly a scam, and pointed out that the domain was in Taiwan.
There was also a message from an uncle, and when I opened it, it was the same thing ‘my cousin’ sent. Only, I know my uncle was banned from Facebook. He couldn’t have sent a message.
Question: Was any harm done by replying to the first message? Or does the scam/malware/whatever depend on clicking the link?
Whilst it’s not unheard of for platforms like Facebook Messenger to have vulnerabilities that compromise accounts just by receiving a message, I haven’t heard of anything like that lately.
The most common and likely case nowadays is that the link goes to some phishing page that is styled to look a lot like it requires a facebook login, and that login is fake, so entering your account credentials there would compromise your security.
Replying to the message might have marked you as a live target, so be on your guard for more (and possibly better crafted/more subtle attacks)