Fake PayPal emails lead to nearly £8 million in losses this year
Action Fraud is warning people selling items online to be on the lookout for criminals sending fake PayPal emails.
Criminals are sending messages on Messenger, appearing to be the targets friend.
Cyber criminals are spreading malware through Facebook, by posing as friends of their victims.
The links to the corrupted software is being sent to users through Facebook's Messenger app. These lead to fake, but legitimate-looking, versions of popular websites, such as YouTube.
It is believed the user is sent a message composed of their name followed by the word 'Video', and a shocked emoji face with a shortened URL.
The malicious software, if downloaded, may cause you to spread the virus to your contacts on Facebook Messenger, as the malware sends your contacts messages with the link too. It can also force you to click on more malware and fill up your phone with spam adverts.
As the user knows the person they're receiving the message from, it's likely they'll trust what is being sent, and so are more likely to click on what appears to be links to videos, memes, and other content.
In some cases, it has been seen to track what you type into the infected gadget - allowing criminals to log and store card details if you later buy something online, or see what your passwords are.
Users are being advised to not click on the links in such messages. It is also advised that residents make sure they have downloaded an anti-virus software to their devices (including phones and tablets), and to keep it up to date.