FACEBOOK users are being targeted by hackers in an attempt to steal their logins.
According to cyber researchers, the massive phishing campaign has successfully pinched an estimated 5million accounts worldwide.
The attacks continue to spread virally through Facebook Messenger on mobile devices.
It’s been around for over a year but was highlighted this week by Nick Ascoli of PIXM, an anti-phishing browser extension.
In a video for tech news website HelpNetSecurity, he explained how the scam campaign works.
Nick’s team identified a number of dodgy websites posing as Facebook’s login page.
Each website had millions of visits and aimed to trick people into plugging in their Facebook credentials.
Links to the dodgy pages are being distributed through Messenger, Nick, VP of Threat Research at PIXM, explained.
“Once the adversary has compromised the account of a Facebook user, they log in to that account – presumably automatically,” he said.
From here, they “distribute new phishing links to all of that user’s friends,” Nick added.
The attackers have even figured out a way to insert the name of the target into the link, to make it look more believable.
It’s thought that the adversaries are collecting the credentials to sell them to hackers on the dark web.
Stolen Facebook logins can open the door to lucrative accounts with banking information, as people commonly use Facebook to autolog into shopping websites.
But the attackers running the campaign are making money in other devious ways.
Once a victim has plugged in their Facebook details into the fake website, they’re redirected to an advertising page.
The hacker could be making hundreds of dollars a month from the hits to that page generated by their attacks.
If you spot a suspected online scam message in the wild, do not click on any links or attachments sent by the attacker.
Generally speaking, if something feels off about a message or website, it’s best to proceed with extreme caution.
In the UK, you can report suspected scams to ActionFraud, the national reporting centre for fraud and cybercrime.
Their website is actionfraud.police.uk, and their phone number is 0300 123 2040.
We pay for your stories! Do you have a story for The Sun Online Tech & Science team? Email us at [email protected]
Source: The Sun