Researchers discovered another Facebook-related attack from unknown threat actors that led to credential loss of targeted victims. Based on reports, the attackers have leveraged the Facebook copyright infringement notices to harvest credentials for numerous users.
The hackers have been spreading fake Facebook copyright infringement notices to deceive users, which could fall victim to their scheme and provide their information.
The newly discovered Facebook-related attack follows a standard phishing operation.
An investigation revealed that phishing emails are the primary vector for spreading a Facebook-related attack. The actors have organised a credential-harvesting campaign via social engineering strategies and impersonation.
Most of this new operation’s targets are end-users, who could expect to receive a Facebook copyright infringement notice.
A phishing sample from the attack revealed that the email contained a notice stating that the user’s Facebook account was suspended. Subsequently, the email offers a fake appeal form that the victim should submit within 24 hours to avoid suspension.
Unfortunately, the appeal will redirect the user to a credential-harvesting webpage instead of the official Meta page. Threat operators have employed a prevalent tactic for phishing attacks as it creates a sense of urgency for the users to avoid any consequence.
The researchers noticed from the sample that the email sender address does not come from Facebook, but it is still believable. The attached link on the email could fool any user if it appears legitimate. However, the URL for the redirection page is not from Facebook.
Despite the apparent impersonation of Facebook, many victims still fall for these attacks due to the threat of getting their accounts suspended within 24 hours. Therefore, the hackers could quickly harvest troves of data as most of the information given in the form appears to be not critical to many.
Cybersecurity experts suggest that users should always check the URL of the page before accessing it. Moreover, recipients of unwanted messages should double-check the sender’s address to validate the legitimacy.
Social media users should directly log on to their accounts and check their status to avoid falling victim to these Facebook-related attacks.
