Full width home advertisement

Welcome Home

Post Page Advertisement [Top]

Almost half a million users were duped by Facebook phishing campaign

Have you ever come across the "The Mia Ash" Facebook profile? This profile sent so many people request and was very active, it was publishing new photos on a regular base and had quite a few comments from its targets which are commenting on these photos. These people are not even friends with her and never paid attention again, there are lots of likes from the same people.

Investigation shows that the attack first started with messages over LinkedIn, before eventually moving across to Facebook then to email. In a particular instance of the campaign studied by researchers, the email exchange always ended up with 'Mia' sending the target an email a Microsoft Excel document 'Copy of Photography Survey.xlsm' and will urge its target to open it for it to 'function properly'.

This survey continued which, once it is enabled, it downloaded the PupyRAT Trojan onto the targeted system, this will give the attackers access to the network. 

You should think twice before opening that message from an 'old friend'


After there have been a thorough investigation carried out, about a malicious message sent via Facebook Messenger, the researchers at CyberNews have now come to uncover a large-scale phishing campaign that has tricked close to about 500k Facebook users.

The “Is that you” phishing scam first started circulating on the social network platforms back then in the year 2017. The scam started with a message sent by one of a user's friends in which they claim to have found an image or video with them featured in it, most of the cases confirmed that the videos were either advertisement or promo for a product or business video. Some of the videos are for other reasons.

However, the message appears as a video that when you click on it, leads a user through a chain of websites infected with different malicious scripts. These scripts are able to determine where a user located, the device they're making use of and even its operating system.

From there, the scripts will lead users to a Facebook phishing page and could be able to harvest their credentials and then if possible, will also infect a user's device with adware or other malware.

Is That you?

While the “Is that you” phishing scam has been around for years, the campaign of this scam that was discovered by CyberNews began operating at the end of January 2020 and so far about 480,00 users have fallen victim to this scam with 77 percent of the victims are residence of Germany.

Due to the large-scale nature of the campaign and how it has appeared to mainly its target who are the German users, the news outlet shared its report with the CERT Germany, Facebook and the URL shortener service wal.ee which was the channel that was used by the threat actor responsible.

Meanwhile at the same time, the threat actor also made use of a legitimate third-party web statistics service to track their campaign which is how the CyberNews were able to uncover it in the first place and also learn how many users were affected. 

CyberNews are recommending that those at risk of this phishing should make use of a password manager, two-factor authentication and majorly remain vigilant when checking their messages online to avoid falling a victim to this or to other similar scams.

How To Avoid Phishing Pages

1. Check for some of the best malware software available.

2. Keep your devices always protected with the best antivirus software.

3. Also you should keep check on the roundup of the best ransomware protection.

4. Be careful of pages that suddenly ask you to re-login with your social media account, they are mostly phishing pages. 

5. Always check the URL of every page or website that ask for logins credentials in order to be sure it's coming from a trusted company. 

6. Always keep your devices virus free by running periodical virus checks. 

No comments:

Post a Comment

Bottom Ad [Post Page]