New Phishing Campaign through Facebook Messenger: It starts with a call to watch a video

Phishing attacks are widely used to access passwords and other personal data of users

Nowadays, mainly, they warn about a new phishing campaign Mexico, Which indicates theft of user access credentials Facebook.

Distributed through fraudulent messages Ambassador, Facebook news app, With text and link representing the video in which the recipient is supposed to appear.

“In this case, they reflect the Facebook homepage so that the user can identify it as a fake page and not enter their access credentials. It is important to be aware of the scams and scams that are spreading to avoid victims, in addition all systems have been updated and security solutions have been installed on all devices, ”he explained. Miguel Angel Mendoza, A researcher at the Asset Latin America Laboratory, a cybersecurity firm that published this new fraud attempt.

The malicious campaign is designed for mobile device users because it has a verification chain to determine if the victim has access to the connection from the phone. This way, if the user enters a malicious link from a desktop computer, he or she will simply be sent to a video and avoid the event of stealing important information.

Otherwise, if accessed from Appendix a Skills Sent to Fishing It simulates the official Facebook login page where the user must log in, including the email address and password used to access the social network.

The user is redirected to a fake FB login page to steal access credentials (ez).
The user is redirected to a fake FB login page to steal access credentials (ez).

The fake Facebook site asks you to “verify account information” to see the video that was originally claimed. In this way, information theft takes place. If you stare at the URL in the browser bar you are running, you can see it Does not apply to official Facebook address. This is a signal enough that we are dealing with a fraud and should not enter the access code.

See also  This meteorite has a comet-like tail (now astronomers explain why)

The EZ Research Laboratory analyzed the verification mechanism used in malicious campaign URLs and how the perpetrators of this campaign may be harming Facebook’s development resources. After accessing a message that is normally received from a contact via Facebook Messenger, the user will be sent to a website with plain content, but actually hosting embedded HTML code.

Recommendations to avoid getting caught in this type of fraud:

1. It is recommended to ignore this type of messages coming in chats, even if they come from known contactsSenders may have been deceived or their devices compromised to spread these threats automatically.

2. It is important to notify the owner of the account to which the message was sent so that they know that this malicious activity is being carried out by impersonating their identity and profile. It is therefore convenient to review your account for any unusual activity, such as signing in from different accounts or devices, and to close sessions that do not match the actions performed by the user.

3. When unauthorized activity is detected by the user, it is convenient to update the compromised passwords immediately and enable additional security measures. Such as dual factor authentication and installing anti-malware solutions on devices.

4. New features used by the creators of phishing sites, such as security certificates, security locks and secure protocols, and homographic attacks on web addresses. It is necessary to review the security certificates to verify the legitimacy of the site in question.

5. Last but not least, it is convenient to notify users affected by this message, To prevent them from falling prey to phishing campaigns that seek access to social networking accounts and other web services.

See also  Ingenuity staggered to Mars due to navigation failure

Continue reading:

Misty Tate

"Freelance twitter advocate. Hardcore food nerd. Avid writer. Infuriatingly humble problem solver."

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top