The Limited Times

Now you can see non-English news...

'Are you in this video?': The new scam circulating on Facebook Messenger

2021-07-27T16:13:32.886Z


A false message operates through phishing, that is, theft of passwords. How to prevent yourself.


07/27/2021 13:03

  • Clarín.com

  • Technology

Updated 7/27/2021 1:03 PM

A new

phishing

campaign -

theft of data such as username and password - began to go viral this week on social networks: it targets Facebook users.

Under the message

"Are you in this video?"

that comes through Facebook Messenger, many users have

already fallen into the trap.

The campaign is designed for mobile device users, as it has a validation chain to determine if a potential victim

accesses the link from a phone.

When the link is accessed from a smartphone, it leads to a phishing site that pretends to be the official Facebook login page, where the user is supposed to

log in by entering the email address and password

used to access the network. Social.

If the user does so, their personal access data is already compromised.

The fake Facebook site first asks to

"verify account information"

in order to view the alleged video.

In fact, if you pay attention,

the URL in the browser bar does not correspond to the official one

from Facebook: this is usually an indicator that it is an apocryphal site.

Phishing on Facebook.

Photo Welivesecurity

The funny thing is that it doesn't happen from desktop devices: PCs or laptops.

If the user enters the malicious link from a computer, he is directed to a video and prevents the instance of the theft of sensitive information.

“The ESET Research Laboratory recommends ignoring these types of messages that arrive in chats, even if they come from known contacts, since sometimes the senders have been deceived or their devices have been compromised to spread

these. threats in an automated way

”, they explained from the IT security company.

“It is important to notify the owner of the account from which the message is sent so that they know that they are carrying out this malicious activity impersonating their identity and profile, so it is advisable that they review

any unusual activity

, such as logins from different locations or devices, and close the sessions that do not correspond to those of the user ”, they add.

And they suggest: "In case of identifying the

activity not recognized by the user

, it is convenient to immediately update the compromised passwords and enable additional security measures, such as the double authentication factor and install antimalware solutions on the devices."

Phishing on Facebook.

Photo Welivesecurity

“Last but not least, it is convenient to notify users who have been affected with this message, to prevent them from becoming victims of phishing campaigns that seek to gain access to social network accounts and other Internet services. ”, They close from Eset.

The most common scams on Facebook

There are a number of scams that are very common across Facebook.

These three top the list:

False warnings

Beyond regular users, cybercriminals also target companies and brands, specifically by going after

their Facebook pages.

The premise of this scam is relatively simple

: scammers often start by impersonating Facebook Support and then message the page owners claiming they violated content policy and are charged with “Copyright Violations ”.

The message will also contain a link to “officially” contact Facebook Support with an addendum stating that page owners have 24-48 hours to respond or the page / account will be suspended.

However, this is all a hoax to get the login credentials to access the page.


If you click on the included link, you will be redirected to a form that you will need to fill out, and then you will be redirected to a fake Facebook login page.

Phishing scams

Phishing scams could be considered the mother of all scams, in Internet terms at least, and they are a perennial element that cybercriminals continually use. The main objective of cybercriminals is to

steal personal information

so that it can be used in other criminal activities, ranging from identity theft to the sale of data in the dark web marketplaces.

To this end, the cybercriminal will impersonate Facebook, saying that someone may have logged into your account or that your password has been reset or using

any other excuse trying to convey a sense of urgency

, and will include a link to log into your account. bill.

However, the link will direct you to a fake copy of the Facebook login page, which will then collect your login credentials and give the

scammers access to your account.

Fraudulent ads and shopping scams

The ads themselves could be seen as the first step in the victim's journey, where the scammer tries to cajole them into clicking the ad that will redirect them to a fraudulent market by offering

ridiculously discounted

products

or seeking to steal sensitive data.

This often includes luxury items, such as Ray-Ban glasses or other types of benefits.

Whatever the case, once you get to the purchase instance, and especially if you make a purchase, the end result will not be positive.

The "fake shop"

could collect your personal information and payment details, which could lead to identity fraud and accumulated charges on your credit card.

In case the ad does not lead to the

Facebook

marketplace

but to a site that requests information, the objective is probably that you enter sensitive information, such

as your credit card details.

Source: ESET

SL

Look also

Ten keys to recognize if a shopping website is safe and not fall for virtual scams

What are the 9 apps removed from Google Play for stealing Facebook passwords

Source: clarin

All tech articles on 2021-07-27

You may like

Life/Entertain 2024-02-13T08:40:42.644Z

Trends 24h

Tech/Game 2024-03-27T18:05:36.686Z

Latest

© Communities 2019 - Privacy

The information on this site is from external sources that are not under our control.
The inclusion of any links does not necessarily imply a recommendation or endorse the views expressed within them.