Snynet Solution Logo
MON - SUN: 10 AM - 6 PM
+60 11 5624 8319

Blog

Don't fall for this devious phishing scam, Facebook users warned

Image Description

A new phishing campaign is targeting the administrators of company pages on Facebook, security researchers have warned.

As reported by ZDNet, Abnormal Security has identified emails delivered to Facebook users claiming that their account will be permanently closed if an issue is not rectified urgently.

The objective of the scam is to trick people into handing over their passwords and personal information, potentially with a view to hijacking the company pages they administrate.

Share your thoughts on Cybersecurity and get a free copy of the Hacker's Manual 2022. Help us find how businesses are preparing for the post-Covid world and the implications of these activities on their cybersecurity plans. Enter your email at the end of this survey to get the bookazine, worth $10.99/£10.99.

False sense of urgency

First, the victim receives an email addressed from “The Facebook Team”, which warns that they have repeatedly posted content that infringes on someone else’s copyright. Unless they appeal the claim immediately, their account will be closed, the victim is told.

The email carries two links: one that leads to a genuine Facebook post (probably to help bypass email protection services) and another that directs the victim to a website where they can “plead their case”. 

This malicious page isn't host to any malware, but rather asks the victim to provide personal information, including their name, email address and Facebook password. 

Commenting on the findings, Rachelle Chouinard, Threat Intelligence Analyst at Abnormal Security, explained that it’s the false sense of urgency that catches people out.

"This is often enough to convince recipients to provide their personal information, particularly if they are using their Facebook account for business purposes,” said Chouinard.

Even though the attackers did their best to hide the fact that the emails weren’t coming from Facebook, there are a few red flags for those with an eye for detail. For example, the sender's address is not related to the Facebook domain in any way, and pressing “reply” brings up an unrelated Gmail address. 

The researchers also said that legitimate companies will never use language designed to spark fear in the recipient. 

Those who still aren’t sure if something’s wrong with their account, should rather log in by typing the address directly into the browser, rather than clicking on a link. If anything indeed is wrong with the account, there will be a notification waiting on the profile page.

Via ZDNet

Date

26 Apr 2022

Sources


Share


Other Blog

  • Xiaomi could bring new Redmi and Mi branded laptops to India soon

    The Chinese tech company Xiaomi could unveil anew laptop in the Indian market and reports hint that the launch could happen later this month.

    Read More
  • Just like the Nintendo Switch, the Steam Deck is the result of failed hardware

    Just like the Nintendo Switch, the Steam Deck learned from the mistakes of its predecessor.

    Read More
  • Firefox will soon let you have multiple picture-in-picture video windows

    You'll soon be able to have several P-in-P windows open at once.

    Read More
  • Google Chrome could be making some big changes to your favorite extensions

    Chrome extensions built for Manifest V3 will offer better performance, security and improved privacy protection.

    Read More

Find Out More About Us

Want to hire best people for your project? Look no further you came to the right place!

Contact Us