We all know that the best way to avoid being hacked is to be vigilant when clicking on links. But there are times when your defences are down and you click on something without thinking. Instant regret.

This happened to me when I got sucked into a scam that’s been sweeping social-media networks over the past few months. In a nutshell, it causes the user to send hoax messages to their friends that look something like this: “[user’s name] video” followed by a shocked emoji with a message “Is this yours?” or “It’s you [user’s name]!”

Mark Zuckerberg promises to ‘fix Facebook’ and protect from ‘interference by nation states’

Along with the message comes a virus-ridden link that, if clicked on, is forwarded to the user’s friend list (in my case, about 10 people), and friends are then directed to different malicious sites depending on which browsers they are using.

My immediate reaction was panic, because you have no idea what’s been compro­mised and the fear of the unknown sends the mind to dark places … places called identity theft. Is my PC infected? Have bank accounts been accessed? Is my credit card on its way to Maxedoutville at an Apple store or, worse still, has someone signed me up for a nudist retreat in Germany? Arghhh. Must stay calm.

Hoax-Slayer (a website on a mission to debunk email and social-media hoaxes) warns the rigged video messages are designed to steal Facebook account login details or to trick victims into installing malware. It says if you receive one of these messages from a Facebook friend, then it probably means their account has been hijacked.

Taiwanese WhatsApp scam costs Hongkongers tens of thousands of dollars

Thank you, Steve B, one of my “victims”, for your prompt reply. “Is this actually you or have you been hacked? Link looks very suspicious,” followed by some helpful advice. “You need to change your password ASAP.”

The afterthought “this has been happening a lot recently” was good to hear, too, because it made me realise I wasn’t the only jerk out there who forgot to follow the simple rule: think before you click.

Hacking elite gather in Hong Kong: but this is for a good cause

After changing your Facebook password, the next thing to do is post a message on Facebook letting your friends know that you’ve been hacked. Other sites suggest running an activity check to spot anything suspicious and deleting any unnecessary apps connected to your Facebook account.

Oh, and please don’t have a mini e-meltdown at the user who sent the link. Next time it could be you.