New Phishing Campaign through Facebook Messenger: It starts with a call to watch a video

Nowadays, mainly, they warn about a new phishing campaign Mexico, Which indicates theft of user access credentials Facebook.

Distributed through fraudulent messages Ambassador, Facebook news app, With text and link representing the video in which the recipient is supposed to appear.

“In this case, they reflect the Facebook homepage so that the user can identify it as a fake page and not enter their access credentials. It is important to be aware of the scams and scams that are spreading to avoid victims, in addition all systems have been updated and security solutions have been installed on all devices, ”he explained. Miguel Angel Mendoza, A researcher at the Asset Latin America Laboratory, a cybersecurity firm that published this new fraud attempt.

The malicious campaign is designed for mobile device users because it has a verification chain to determine if the victim has access to the connection from the phone. This way, if the user enters a malicious link from a desktop computer, he or she will simply be sent to a video and avoid the event of stealing important information.

Otherwise, if accessed from Appendix a Skills Sent to Fishing It simulates the official Facebook login page where the user must log in, including the email address and password used to access the social network.

The fake Facebook site asks you to “verify account information” to see the video that was originally claimed. In this way, information theft takes place. If you stare at the URL in the browser bar you are running, you can see it Does not apply to official Facebook address. This is a signal enough that we are dealing with a fraud and should not enter the access code.

The EZ Research Laboratory analyzed the verification mechanism used in malicious campaign URLs and how the perpetrators of this campaign may be harming Facebook’s development resources. After accessing a message that is normally received from a contact via Facebook Messenger, the user will be sent to a website with plain content, but actually hosting embedded HTML code.

Recommendations to avoid getting caught in this type of fraud:

1. It is recommended to ignore this type of messages coming in chats, even if they come from known contactsSenders may have been deceived or their devices compromised to spread these threats automatically.

2. It is important to notify the owner of the account to which the message was sent so that they know that this malicious activity is being carried out by impersonating their identity and profile. It is therefore convenient to review your account for any unusual activity, such as signing in from different accounts or devices, and to close sessions that do not match the actions performed by the user.

3. When unauthorized activity is detected by the user, it is convenient to update the compromised passwords immediately and enable additional security measures. Such as dual factor authentication and installing anti-malware solutions on devices.

4. New features used by the creators of phishing sites, such as security certificates, security locks and secure protocols, and homographic attacks on web addresses. It is necessary to review the security certificates to verify the legitimacy of the site in question.

5. Last but not least, it is convenient to notify users affected by this message, To prevent them from falling prey to phishing campaigns that seek access to social networking accounts and other web services.

Continue reading: