Tuesday, April 16, 2024

If you get fake Facebook alerts, don’t fall for them



Cybersecurity researchers from Abnormal Security have warned of phishing attacks aimed at stealing the passwords of Facebook users, including Facebook page administrators.

The attack begins with an email that purports to come from the Facebook team, warning the potential victim that their user account could be blocked and their Facebook page removed due to the constant posting of content reported for infringing another user’s rights.

The victim is urged to file a complaint by clicking on a link in the email. According to the researchers, that link leads to a post on Facebook, which in turn contains another link that directs the user to a separate website where they can file a “complaint”.

As part of this fraudulent process, users are required to provide sensitive information, including their name and email address. Before submitting the form, the user is also asked to enter their password for the Facebook account.


All this information is sent to the attacker, who can use it to log in to the victim’s Facebook account, collect information from their account and even lock it up. If the victim uses the same email address and password for other websites and applications, the attacker can access them as well.

One of the reasons why phishing attacks are successful is that they give the impression of urgency to the victims.

“This is often enough to persuade recipients to give out their personal information, especially if they use their Facebook account for business purposes,” the researchers say.

What made this particular phishing campaign interesting to researchers is that the email links to a post on Facebook, and that the post in turn contains a link to a phishing site that looks like a complaint form.

However, although the email and the phishing domains may seem legitimate at first glance, there were details that could indicate that something was wrong. For example, the email does look like it comes from Facebook, but the sender’s email address is not associated with Facebook at all. If an attempt is made to reply to the sender, the message goes to a Gmail address.
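The two header details described above, a sender address outside Facebook's domains and replies routed to Gmail, can be checked mechanically by a mail filter or an analyst. The Python code below is an added example, not code from Abnormal Security or from this article; the domain lists, flag names and both sample messages are constructed assumptions.

```python
from email import message_from_string
from email.utils import parseaddr

# Assumption: domains treated as genuine Facebook senders; verify against your own mail flow.
BRAND_DOMAINS = {"facebook.com", "facebookmail.com"}
# Assumption: a small sample of free webmail providers.
FREE_WEBMAIL = {"gmail.com", "outlook.com", "yahoo.com"}

def _domain(addr):
    """Lower-cased domain part of an address, or '' when there is none."""
    return addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""

def _is_brand(domain):
    # Exact match or true subdomain only, so "facebook.com.attacker.example" does not pass.
    return any(domain == d or domain.endswith("." + d) for d in BRAND_DOMAINS)

def header_red_flags(raw):
    """Return the header warning signs found in one raw RFC 5322 message."""
    msg = message_from_string(raw)
    name, from_addr = parseaddr(msg.get("From", ""))
    _, reply_addr = parseaddr(msg.get("Reply-To", ""))
    from_dom, reply_dom = _domain(from_addr), _domain(reply_addr)
    claims_brand = "facebook" in name.lower()
    flags = []
    if claims_brand and not _is_brand(from_dom):
        flags.append("sender-not-facebook")   # display name says Facebook, address does not
    if reply_dom and reply_dom != from_dom:
        flags.append("reply-to-differs")      # replies leave the sending domain
    if claims_brand and reply_dom in FREE_WEBMAIL:
        flags.append("reply-to-webmail")      # "Facebook" answering from free webmail
    return flags

# Constructed sample messages (not taken from the campaign).
SUSPICIOUS = (
    'From: "Facebook Team" <notice@pages-support.example>\n'
    "Reply-To: constructed-reply@gmail.com\n"
    "Subject: Your page is scheduled for removal\n"
    "\n"
    "Body omitted.\n"
)
GENUINE = (
    'From: "Facebook" <security@facebookmail.com>\n'
    "Subject: Login alert\n"
    "\n"
    "Body omitted.\n"
)

if __name__ == "__main__":
    print(header_red_flags(SUSPICIOUS))
    print(header_red_flags(GENUINE))
```

Header checks of this kind only raise suspicion; a message with no flags can still be malicious, so the advice to log in directly on the website applies either way.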

The email is designed to scare the victim with the threat of losing their account. It is unlikely that an internet service like Facebook would send such an email, but if you receive such a message and are worried about it, do not click on the link in the message. Instead, log in to your account directly on the website. If something is wrong with your account, you will be able to find out there, without giving a password to cybercriminals.

Facebook’s help center states that anyone who thinks their account has been compromised in this way should report it. The user should also change the password in the security settings, as well as log out of all devices that they do not recognize. It is also recommended that users enable multifactor authentication.

Google has responded to Abnormal Security’s warning, so the Gmail account used in this campaign has now been removed.








