Scammers should never be underestimated. They always manage to come up with something new to scam internet users. Now, they are tricking Facebook users into giving up their passwords. The crooks are making use of Facebook’s “Notes” tool in their phishing campaign to make it look more legitimate.
Business Insider has explained how this phishing attempt actually works.
It starts with the user receiving an email that appears to be from Facebook (but actually isn’t). The mail states that the user’s page was flagged by an undisclosed “third party” for featuring content that goes against their rights. The mail also mentions that the page could be deleted for the same reason.
The user is then asked to click on a link to confirm their identity. This is where things get interesting. Instead of being taken to a website pretending to be Facebook, the user is actually redirected to the real Facebook and lands on a note that resembles an official copyright complaint.
The fact that the user is reading the note on the real Facebook makes this phishing campaign more effective. Users unfamiliar with the Notes tool and Facebook’s user interface are more prone to falling into the trap set by the scammers than those who know what Facebook looks like and how it operates.
A second link is then presented to the user so they can carry on with the appeal process. Although it looks real, the link is a bit.ly short link that redirects the user to a fake site imitating Facebook (facebook.com.fbmailcopyrights.com or facebook.com.support912239.website/appeal or https://fb.com.copyright.1003762.review/appeal.php).
The user is then required to provide numerous details, including their name, page name and email address. The password isn’t requested until the very last stage of the phishing attempt, which keeps the user from doubting the legitimacy of the website. The account is compromised once all the details are submitted.
To prevent the attack, users should enable two-factor authentication so that the hackers don’t gain access to their accounts even after obtaining the password. Users should also use different passwords for different services, so that if their account details for one service are compromised, their other accounts remain unaffected. It is also best practice to double-check URLs before providing confidential information.
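The lookalike hosts quoted above all begin with "facebook.com." or "fb.com." but are registered under a different domain, which is exactly what a URL double-check has to catch. The following added example (not part of the original article) classifies each link by its registrable domain and flags the brand-prefixed lookalikes; the allow-list and the sample links are constructed for this illustration, and bit.ly links are reported as shorteners because they cannot be judged until expanded.

```python
from urllib.parse import urlparse

# Constructed sample: the lookalike hosts quoted in the article, one genuine
# Facebook help URL and a made-up bit.ly link, used only to exercise the check.
SAMPLE_LINKS = [
    "https://www.facebook.com/help/phishing",
    "http://facebook.com.fbmailcopyrights.com/",
    "http://facebook.com.support912239.website/appeal",
    "https://fb.com.copyright.1003762.review/appeal.php",
    "https://bit.ly/example-placeholder",
]

# Hypothetical allow-list of domains the real site is served from.
TRUSTED_DOMAINS = {"facebook.com", "fb.com"}
# URL shorteners hide the destination; expand before judging.
SHORTENERS = {"bit.ly"}


def registrable_domain(host: str) -> str:
    # Simplified: the last two labels. A public-suffix list would be needed
    # for hosts under e.g. co.uk; the .com/.website/.review cases here fit.
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])


def classify(url: str) -> str:
    host = (urlparse(url).hostname or "").lower()
    reg = registrable_domain(host)
    if reg in TRUSTED_DOMAINS:
        return "trusted"
    if reg in SHORTENERS:
        return "shortener"
    # Lookalike: a trusted domain appears as leading labels (e.g. the
    # "facebook.com." prefix) while the actual registrable domain differs.
    for trusted in TRUSTED_DOMAINS:
        if host.startswith(trusted + ".") or ("." + trusted + ".") in host:
            return "lookalike"
    return "unknown"


def audit(urls):
    # Map each link to its verdict so a user or mail filter can act on it.
    return {u: classify(u) for u in urls}


if __name__ == "__main__":
    for link, verdict in audit(SAMPLE_LINKS).items():
        print(f"{verdict:10} {link}")
```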
A Facebook spokesperson said that the social network had already taken down the page associated with the scam note. However, Digital Information World's separate investigation shows that a simple query in the Facebook search bar can still bring up a number of fake pages that remain publicly available on the platform along with their dangerous Notes. Although, based on our report, Facebook half-heartedly added a warning to some of the phishing links in these maliciously crafted Notes, the social media giant failed to completely remove the pages we highlighted. We asked Facebook about its strategy for stopping these bad actors from creating such pages in the future but got no response.
According to Facebook, it encourages people to report suspicious content so it can be dealt with accordingly. The company also says it educates its users about keeping their account details safe and secure. For further guidance, users can head to the Facebook Help Center via the following link: facebook.com/help/phishing.
More resources:
• How do I report a Facebook account or Page that’s pretending to be me or someone else?
• Fix a Problem: If you think your Facebook Page was hacked or taken over by someone else, read these official guidelines by Facebook here.