A new Facebook phishing campaign targeted iOS and Android users

F-Secure security researchers have detected a new Facebook spam campaign that lures users to phishing pages designed to trick them into handing over Facebook or YouTube credentials. The spam campaign has been going on for 14 days and has slowly moved from one country to the next.

The hackers posted shortened links on Facebook pages using the victim's account, and they also spammed the victim's friends via direct Facebook Messenger messages.

According to the researcher:
“Based on the data from the links, the campaign began last October 15th when it targeted mostly Swedish users. On the 17th, it moved to targeting Finnish users. Then from 19th onwards, it mostly went after German users.”

The total number of clicks for the whole campaign reached about 200,000, and about 80% of the users were from Germany, Sweden, and Finland.

The spammed content appeared to be a link to a YouTube video; the hackers tricked Facebook's URL previewing system into displaying the wrong link info by forging metadata. Security researcher Barak Tawily has explained the complete technique in a blog post.
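A defender-side check for this kind of preview spoofing, added here as an illustration and not taken from F-Secure's or Tawily's write-ups: it compares the site a page claims in its preview metadata with the site that actually served it. It assumes the forged metadata is the Open Graph `og:url` tag, which the article does not name; the function names, URLs and HTML samples are constructed.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit


class _OGParser(HTMLParser):
    """Collects <meta property="og:*" content="..."> tags from a page."""

    def __init__(self):
        super().__init__()
        self.og = {}

    def handle_starttag(self, tag, attrs):
        if tag != "meta":
            return
        a = {k: (v or "") for k, v in attrs}
        prop = a.get("property", a.get("name", "")).lower()
        if prop.startswith("og:"):
            # Keep the first occurrence of each property.
            self.og.setdefault(prop, a.get("content", "").strip())


def _site(host):
    # Assumption: last two labels approximate the registrable domain.
    # A production check would use the Public Suffix List instead.
    return ".".join(host.lower().rstrip(".").split(".")[-2:])


def preview_mismatch(served_url, html):
    """Return (claimed_site, real_site) when og:url names a different
    site than the one that served the page, otherwise None.
    served_url must be the final URL after all redirects."""
    parser = _OGParser()
    parser.feed(html)
    real = _site(urlsplit(served_url).hostname or "")
    claimed = _site(urlsplit(parser.og.get("og:url", "")).hostname or "")
    if claimed and claimed != real:
        return (claimed, real)
    return None


# Constructed samples: a page that borrows a video site's identity for its
# preview, and an honest page whose og:url matches its own site.
SAMPLE_SPOOFED = """<html><head>
<meta property="og:url" content="https://www.youtube.com/watch?v=EXAMPLE">
<meta property="og:title" content="Constructed video title">
</head><body></body></html>"""
SAMPLE_HONEST = '<meta property="og:url" content="https://blog.example.org/post/1">'

if __name__ == "__main__":
    print(preview_mismatch("https://short.example.net/abc", SAMPLE_SPOOFED))
    print(preview_mismatch("https://www.example.org/post/1", SAMPLE_HONEST))
```

A mismatch is a signal for review rather than proof of phishing, since syndicated content can legitimately point `og:url` at another site.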

Android users and iOS users were redirected to a phishing page, and other users were redirected to a website that loaded ads.

F-Secure researchers strongly recommend that affected users change their passwords as soon as possible, and also change their passwords on other systems and services where the same compromised password was used.

Unallocated Author

Please note that the article you are reading has an unallocated author as the original author is no longer employed at latesthackingnews.com, this has been put in place to adhere with general data protection regulations (GDPR). If you have any further queries, please contact: [email protected]