Users of social media have been warned about a new phishing campaign. The cyber-scam uses Facebook posts to trick users into handing over their account credentials and personally identifiable information.
Dubbed Meta-Phish, the scam works by attackers sending fake copyright infringement notices warning Facebook users that their accounts would be deleted within 48 hours unless they appeal the decision.
Users are then diverted to a fake appeal form, which collects key personal data about the user, which can put the unwitting recipient at far greater risk of issues like personal identification data theft. The appeal URL links to an actual Facebook post, allowing the threat actor to evade email security checks and deliver phishing messages to users’ inboxes.
Looking into this latest attempt to utilize technology to defraud others, for Digital Journal, s Tonia Dudley, CISO at Cofense.
Dudley explains why those engaging in such illicit activity have turned to Facebook: “With nearly 2.9 billion monthly active users, Facebook has unfortunately been an active target for scammers seeking to exploit accounts and make financial gains for a long time.”
In terms of the form of attack, Dudley elucidates: “This recent attack is very similar to a December 2020 phishing campaign that tricked users into giving scammers their account credentials for fear that their accounts would be disabled. In this case, scammers alerted users to a copyright infringement issue and linked them to an external “support” site named after Meta to reduce suspicion.”
Going into more detail, Dudley adds: “As is common in many of today’s phishing attacks, a critical component of this particular attack is its lure design. Threat actors play the fear factor in many phishing campaigns, which causes many users to overlook common indicators of a phishing attempt, including an improper tone or greeting, grammar or spelling errors, and inconsistencies in email addresses, links, and domain names.”
Dudley sees the main responsibility in addressing these attacks as falling with Facebook rather than the user. Dudley states: “To prevent future phishing attacks, organizations like Facebook must take the necessary steps to protect inboxes, detect threats, and respond to an attack.”
Dudley also recommends that the social media giant adopts “actionable intelligence that gives visibility into the risk factors in your network and immediately and decisively responds to phishing threats will help keep malicious actors at bay and ensure the protection of sensitive data.”