A new phishing campaign aimed at stealing Facebook user accounts

Analysts at information security firm Trustwave have discovered a new phishing campaign that uses Facebook posts as part of its attack to trick users into giving up their account credentials and personally identifiable information.

Analysts at information security firm Trustwave have discovered a new phishing campaign that uses Facebook posts as part of its attack to trick users into giving up their account credentials and personally identifiable information.

Analysts said the emails sent to the targets pretended to be a copyright infringement issue in one of the recipient’s Facebook posts, warning that their account would be deleted within 48 hours if they did not file an appeal.

The attackers make the account deletion appeal link an actual post on Facebook, which helps them bypass email security solutions and ensure phishing messages reach the target’s inbox.

A new phishing campaign aimed at stealing Facebook user accounts

The Facebook post pretends to be a support page by using the Facebook logo to appear to be run by the company. However, this post includes a link to an external phishing site named after Meta, the company that owns Facebook; To reduce the chances that victims will discover the scam.

Trustwave analysts found the following three URLs: meta[.]forbusinessuser[.]xyz/?fbclid=123, meta[.]forbusinessuser[.]xyz/main[.]php, and meta[.]forbusinessuser[.] [xyz/checkpoint[.]php.

Analysts said the phishing sites were carefully designed to look like the actual Facebook copyright appeal page, which contained a form where victims were asked to enter their full name, email address, phone number, and username.

A new phishing campaign aimed at stealing Facebook user accounts

When providing this data, the page also collects the victim’s IP address and geolocation information and outputs everything to a Telegram account under the attackers’ control, who may collect the additional information to bypass fingerprint protection or security questions while taking over the victim’s Facebook account.

Meanwhile, the redirect takes the victim to the next phishing page, which displays a fake request for a 6-digit OTP with a timer. Whatever code the victim enters will result in an error, and if he clicks on the option “Do you need another way to authenticate?” It takes the victim to the actual Facebook site.

A new phishing campaign aimed at stealing Facebook user accounts

Trustwave’s analysts also discovered that attackers use Google Analytics on their phishing pages to help them track the efficiency of their campaigns.

Trustwave said it had found several Facebook accounts that were using fake posts to pose as support pages leading victims to phishing sites.

These posts use URL shorteners to link to phishing sites to avoid being recognized and removed by Facebook.

Victims may reach these posts via phishing emails, as in the case of the campaign presented in this report, or via instant messages received on Facebook.

A new phishing campaign aimed at stealing Facebook user accounts

Don’t Stop Here

More To Explore

solar eclipse eclipse solar eclipse 2024 solar eclipse 2023 eclipse 2024 eclipse 2023 2023 eclipse 2023 solar eclipse april 8 2024 eclipse 2024 total eclipse 2023 solar eclipses 2024 sun eclipse eclipse april 8 2024 eclipse lunar eclipse eclipse of the sun 2024 eclipse solar eclipse eclipse2023 lunar eclipses solar and eclipse solar eclipse solar eclipse solar solar eclipse solar sun eclipse total eclipse in 2024 total eclipse 2024 total solar eclipse 2024 next solar eclipse total eclipse next eclipse total solar eclipse april 2024 eclipse annular solar eclipse annular eclipse 2023 lunar eclipse 2023 annular eclipse eclipse april 2024 april 2024 solar eclipse solar eclipse april 2024 annular solar eclipse 2023 eclipse today 2023 annular eclipse total eclipse of the sun 2024 sun eclipse 2024 totality eclipse 2024 total eclipse april 2024 8 april 2024 eclipse lunar penumbral eclipse october 2023 eclipse of 2024 eclipse of sun today eclipse penumbral eclipse timer full eclipse of the moon lunar eclipses 2023 next eclipse of the sun solaire eclipse solar eclipse of april 20 2023 solar eclipse of october 14 2023 solar eclipse today solar v lunar eclipse sun eclipse next total solar eclipse in 2024 upcoming sun eclipse sun eclipse next total solar eclipse eclipse 2022 great american eclipse 2024 total solar eclipse 2023 total eclipse 2023 next eclipse 2023 full solar eclipse 2024 full eclipse 2024 upcoming solar eclipse full solar eclipse next total eclipse eclipse april 2023 sun eclipse 2023 iso 12312 2 next eclipse 2024 next full solar eclipse total lunar eclipse april eclipse 2024 next solar eclipse 2023 future solar eclipses eclipse in 2024 solar and lunar eclipse full eclipse 2023 2023 total solar eclipse 1993 eclipse 2017 eclipse 2017 solar eclipse 2017 total solar eclipse 2019 eclipse 2022 solar eclipse 2024 solar eclipse best viewing april 20 eclipse april 8 2024 solar eclipse april 8 2024 total solar eclipse april eclipse 2023 april solar eclipse 2024 eclipse 1994

Experience the Solar Eclipse with The Eclipse App: Your Ultimate Companion

An innovative app, tailored to enhance your observation of the total solar eclipse on April 8, 2024, has risen to prominence on the App Store. Titled simply “The Eclipse App,” it has amassed over 140,000 lifetime downloads on both iOS and Android platforms. This app serves as a comprehensive tool for experiencing the celestial event, providing features such as cloud cover forecasts, precise timing for totality at your specific location, and details on local events, parks, and viewing sites in your vicinity.

April 8, 2024 No Comments

Twitter Introduces Payments for Verified Creators' Advertisements in Replies, Elon Musk Announces

Brazil Investigates Elon Musk Over X Dispute

Brazil has launched an investigation into Elon Musk over potential obstruction of justice following X’s reversal of a decision to block certain profiles in the country.

April 8, 2024 No Comments

Microsoft AI appcenter ms microsoft yammer microsoft advertising azure sphere azure bastion azure lighthouse azure labs delve microsoft microsoft network monitor azure cloud services microsoft net framework 2.0 azure free cmt microsoft outlook forms azure event grid visio viewer azure for students azure migrate azure regions azure security sql server 2022 azure defender microsoft business sql server 2016 azure availability zones azure hybrid benefit azure sentinel microsoft devops windows store microsoft 365 business sql 2019 azure pay as you go microsoft azure portal azure services sql server 2017 azure free tier microsoft office forms microsoft azure cloud edge for mac o365login microsoft project management windows virtual desktop miss excel azure advisor microsoft remote desktop download microsoft sql server 2019 microsoft business standard microsoft csp microsoft business premium owa 365 microsoft 365 business premium azure monitor microsoft business basic microsoft intune ms intune biztalk azure 200 azure vpn gateway azure cli mpp viewer remote desktop connection windows 10 visual studio professional 2022 sql server 2014 windows server 2022 download dot net framework godaddy 365 go daddy 365 azure batch azure vdi microsoft azure application gateway v2 microsoft dataverse ms power windows server 2019 download skype for business portal office365 com microsoft defender for office 365 active directory domain services azure cloud windows remote desktop visio for mac azure vpn windows server download azure data studio azure automation office 365 business defender for cloud microsoft teams linux godaddy office 365 mcse certification azure active directory microsoft sql management studio office 365 business premium microsoft 365 business standard microsoft remote desktop download sql server 2019 intune microsoft teams rooms windows 365 cloud pc accdb dev azure com

Microsoft AI’s New London Hub Led by Former Inflection and DeepMind Scientist Jordan Hoffmann

Microsoft has unveiled a new London hub for its consumer AI division, with Jordan Hoffmann, a scientist and engineer formerly with

April 8, 2024 No Comments