This devious phishing campaign uses Facebook messages to trick its victims
According to information, the most recent team of spammers is obtaining Facebook account information by impersonating a copyright infringement.
According to researchers from Cyber Security Trust-Waves, users receive a notification when they fill out a form. The notification appears with a threat of deleting the account within 48 hours if users don’t fill up the form.
This request aims to grab personal data that could lead to a high risk of identity theft.
How exactly does it work?
- The notification about filling out a form will be delivered to the customer through an email that consists of an original Facebook post link.
- The link in the email will lead you to a custom-built Meta customer support website.
- This website will demand the filling out of your name, contact details, and address, which will be stored along with your IP address and location. This data can be sent to a Telegram account through HTTPS.
- The spammer will direct users to other cloned or fake sites.
- The clone sites will trap the user with a single password verification that will fail.
- The spammer will now offer you other ways of authentication through a pop-up notification.
- This pop-up link will redirect you to the original Facebook site.
The researchers from Trustwave have warned the users to be careful about receiving any such notifications from Facebook. The received message can be a copyright violation notice cloned to be sent from Facebook.
Researchers in cyber security recently unveiled a campaign called Ducktail.
Facebook still proves to be the easiest target for cybercriminals.
I’m a communication enthusiast and junior editor-reporter at Research Snipers, I have completed a degree in Mass Communication but am very enthusiastic about new technology, games, and mobile devices. I have the main interest in Technology and games.