A CyberNews investigation into a malicious message on Facebook Messenger turned up a much larger phishing operation on Facebook that appears to have bamboozled close to 500,000 users on the social media platform inside of two weeks.
CyberNews says it has “potentially” identified the threat actor behind the phishing crusade and their intentions. Based on the information it was able to collect during its investigation, the site says the hacker behind the attack may be from the Dominican Republic, and their goal is likely connected to serving malware and adware to unsuspecting victims.
Is that you?
The campaign is a version of the “is that you” scam, which has reared its ugly head several times on Facebook over the last few years. The message begins innocently enough and looks like it is sent from one of your Facebook friends. They usually claim to have found a photo or video that includes you.
However, what seems like a simple click to satisfy your curiosity takes you on a joyride through a chain of websites infected with malicious scripts. Those scripts are stealthy -- being able to determine where you are, what device you’re using, and your operating system. Finally, you’re routed back to Facebook, where your credentials are harvested and your device is infected with adware or malware.
Although Facebook has the ability to catch a campaign like this before it spins out of control, CyberNews says the perpetrators may be smart enough to bypass the platform’s security measures, at least temporarily.
A breakdown of the types of devices plagued by this scam shows that about 70 percent of them use the Android operating system and about 25 percent use Apple’s iOS system.
Americans appear to be luckier than others
According to CyberNews researchers, 77 percent of the targeting was done to Facebook users in Germany. CyberNews didn’t give specific metrics for U.S. Facebook users, preferring to lump them in with the rest of the countries with less than 2 percent of the scam action.
Despite the fact that the “Is that you” phishing campaign was targeting German residents, the analysts say what was not immediately clear is whether the mass abuse of breached Facebook accounts was perpetrated in order to do anything else besides spreading the campaign.
Protecting yourself from an attack like this
These days, it doesn’t matter whether an attack is focused on Germany or the U.S., targets users via email or Facebook, or hones in on consumers using Android or Apple operating systems. CyberNews’ Mantas Sasnauskas says the bottom line is that all users need to take steps to protect themselves. Here are some suggestions to keep in mind:
Create unique and -- probably more importantly -- complex passwords for all of your online accounts. Yes, it’s a hassle to remember a password constructed of special symbols and a mix of upper- and lowercase characters, but password managers can help you easily create strong passwords and notify you when your password has been reused.
Whenever possible, user multi-factor authentication.
Be cautious of any messages sent to you, even by your friends and contacts. Phishing attacks like “Is that you” usually employ some type of social engineering to lure users into clicking malicious links or downloading infected files.