Facebook Phishing Scam: Android, iOS Users at Risk
There's a new online scam making its rounds online, and this time, it's targeted for Facebook users. Social media posters, especially those in Sweden, Finland or Germany, are warned to look out for the new campaign.
Researchers from online security company F-Secure have spotted the new phishing campaign, which is squarely aimed at users of the Facebook mobile app for Android and iOS. So far, the scam has been seen via the mobile version of Facebook Messenger.
It's a classic bait-and-switch scam, enticing targets via a shortened link that would supposedly lead to a YouTube video. "Based on the message, it seemed that the sender was telling the recipient that he was part of a video in order to lure him into clicking it," Frederic Vila from F-secure described the scheme.
These shortened links could be changed at a moment's notice. At first, the link would point to a YouTube video, but later on, it would be changed to a phishing page that pretends to be a Facebook login page.
This is a page designed to steal Facebook login credentials from unsuspecting users. Not only that, the page also contains ad-affiliate links, presumably for making money on the side.
Based on known statistics from the phishing page link, it was first put up on Oct. 15 and has lured mostly Swedish users to it. By Oct. 17, two days later, the majority of the visitors were from Finland.
From Oct. 19 onwards, the campaign seems to have switched to German users. By this time, almost 200,000 users have been lured to the fake page, with eight out of 10 of them being from the three countries mentioned.
It's easy to see how these stolen Facebook login credentials can be used later to lure even more victims through their Friends list, via Facebook messenger. Turning on two-factor authentication for Facebook looks to be an effective deterrent, according to the International Business Times.
Turning on two-factor authentication instructs Facebook to require another confirmation code sent to a device. A Facebook page for this feature is available for more information.