A well-written phishing message sent via Facebook Messenger has reportedly scammed 10 million Facebook users and counting.
ThreatPost reports that over the course of months, millions of Facebook users have been tricked by a phishing scam that dupes users into sending hackers their account credentials. The scam is still currently active and is continuing to direct victims to a fake Facebook login page to submit their credentials. It is currently estimated that around 10 million users have fallen victim to the scam.
A recent report from PIXM Security claims that the phishing campaign started last year and doubled its efforts in September. Security researchers believe that millions of Facebook users were targeted each month by the scam, which is still currently active.
PIXM claims that the campaign is linked to a single person located in Colombia, this belief comes from the fact that each message links back to code “signed” with a reference to a personal website. Researchers stated that the individual even responded to inquiries about the scam.
The campaign is focused on the use of a fake Facebook login page that tricks victims into entering their username and password and clicking “Log In.” When they do so, those details are sent to the hacker’s server, and then “in a likely automated fashion,” according to researchers, “the threat actor would login to that account, and send out the link to the user’s Friends via Facebook Messenger.”
After logging into the fake page, users are directed towards pages with advertisements and surveys, which generate referral revenue for the attacker. Researchers said that the hacker “claimed to make $150 for every thousand visits [to the advertising exit page] from the United States.”
PIXM estimates almost 400 million U.S.-based page views have been recorded on the exit page. As a result, researchers said this, “would put this threat actor’s projected revenue at $59M from Q4 2021 to present.” But researchers believe that the hacker is “probably exaggerating quite a bit,” about how much he makes.
Breitbart Tech suggests the following steps to avoid phishing scams on Facebook Messenger.
1) Carefully inspect links sent to you, even from friends
This phishing scam is particularly effective because it sends links from hacked accounts to their friends. Assume all links are suspect no matter who sends them, and carefully review the link before clicking.
2) Never enter your username and password if prompted to after clicking a link
Although there are plenty of reasons you may be required to enter a username and password, you have no way of knowing for sure it’s not a phishing attack if the request occurs after clicking a link in Messenger. Instead of entering your credentials, use the Facebook app or web browser to navigate to the location the link would take you.
3) Watch out for requests for money or “too good to be true” deals
Although this phishing attack focused on generating ad revenue, many target direct financial gain by hacking bank accounts and other financial institutions. Treat Messenger communications talking about money as you would a stranger at your front door asking the same questions.
Read more at Threat Post here.
Lucas Nolan is a reporter for Breitbart News covering issues of free speech and online censorship. Follow him on Twitter @LucasNolan or contact via secure email at the address lucasnolan@protonmail.com