Facebook phishing campaigns have become a widespread attack vector

June 10, 2022

A wide-scale phishing campaign was found exploiting the Facebook and Facebook Messenger social media applications to victimise account users and trick them into giving away their account credentials. Once the hackers have gained access to the users’ Facebook accounts, they use those accounts to defraud more victims, which lets them earn commissions through online advertisements.

Despite being active since last September, the campaign peaked only this year, from April until May, which drew the attention of cybersecurity researchers. The threat researchers tracked down the campaign through publicly accessible phishing pages that hosted a link to a traffic monitoring web application.

 

Through an in-depth study, researchers determined that the victims arrived at the phishing pages through a series of website redirects from the Facebook Messenger app.

 

Because the threat actors had successfully hacked numerous Facebook accounts, they could use them to spread more phishing links to other victims and make a huge income. In these instances, the hacked user’s Facebook friends are usually the phishing actors’ next targets, lured via social engineering tactics.

It is vital to consider that Facebook has implemented measures to prevent cybercriminals from spreading phishing links through its Messenger app; however, these threat actors have come up with ways to bypass the policies through automated tools.

According to the researchers, many URL generating platforms like litch[.]me, amaze[.]co, and funnel-preview[.]com are being used for phishing messages, which Facebook could see as a problem since many users rely on them for legitimate purposes.

Statistics from the researchers’ analysis revealed that over 2.7 million users were lured to visit at least one of the phishing sites, while the number had risen to 8.5 million this year. If victims were tricked into typing in their account credentials on the phishing site, they would be redirected to more web pages associated with the campaign.

The phishing actors earn income from their malicious activities through the referral commissions paid by the advertising websites’ vendors, which experts estimate to reach at least millions of dollars.

Facebook users have always been prone to different cyberattacks, including phishing scams. Cybersecurity experts recommend not clicking on suspicious links sent by unknown sources and not readily entering account credentials on an unfamiliar page that looks dubious.
