This sneaky phishing campaign uses Facebook messages to trick its victims

A recently discovered phishing campaign uses fake Facebook copyright infringement notices to trick users into divulging their account details.

According to analysts at cybersecurity firm Trustwave, these bogus messages claim that the user's account will be deleted within 48 hours, unless they fill out an appeal form to protect themselves.

This appeal form collects key personal data about the user, which can put the victim at much higher risk of issues like identity theft.

How does it work exactly?

The phishing email arrives in the recipient's inbox and contains a link to an actual Facebook post.

The user is then redirected to a fake Meta-branded customer support site.

This site collects the user's real name, phone number and address; combined with the visitor's IP address and location, this data is stored by the attacker and sent to a Telegram account over HTTPS.

Users are then directed to another fake page presenting a one-time password check, which inevitably fails.

After that, if they choose to click on a popup that says "Need another way to authenticate?", they will be redirected to the actual Facebook site.
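As an added illustration, not code from the article or from Trustwave's research, the following Python triage check looks for the lure pattern described above in a single email: brand wording from an unrelated sender domain, a countdown deadline, copyright/appeal language, and a link to a real Facebook post (which means a reputable link host must not be treated as clearing the message). The sample message, sender domain and post URL are constructed placeholders.

```python
import re
from email import message_from_string
from urllib.parse import urlparse

# Constructed sample modelled on the lure the article describes; not a real message.
SAMPLE_EMAIL = """From: Meta Support <support@notify.example-placeholder.test>
Subject: Copyright infringement notice - action required
Content-Type: text/plain

Your Facebook page has been reported for copyright infringement.
Your account will be deleted within 48 hours unless you submit an appeal form.
Appeal here: https://www.facebook.com/placeholder.page/posts/1234567890
"""

BRAND_DOMAINS = ("facebook.com", "meta.com", "fb.com")   # domains the lure impersonates
LURE_TERMS = ("copyright", "infringement", "appeal", "deleted")
URL_RE = re.compile(r"https?://[^\s<>\"']+")
DEADLINE_RE = re.compile(r"within\s+\d+\s+hours?")
BRAND_RE = re.compile(r"\b(facebook|meta)\b")

def is_brand_host(host: str) -> bool:
    """True only for the brand domain itself or a subdomain of it (not look-alikes)."""
    host = host.lower()
    return any(host == d or host.endswith("." + d) for d in BRAND_DOMAINS)

def sender_domain(msg) -> str:
    m = re.search(r"@([\w.-]+)", msg.get("From", ""))
    return m.group(1).lower() if m else ""

def analyse(raw: str) -> dict:
    """Return the lure indicators found in one RFC 822 message."""
    msg = message_from_string(raw)
    payload = msg.get_payload()
    body = payload if isinstance(payload, str) else ""
    text = (msg.get("Subject", "") + "\n" + body).lower()
    links = [urlparse(u) for u in URL_RE.findall(body)]
    hits = {
        # copyright/appeal wording plus a countdown is the social-engineering hook
        "lure_terms": [t for t in LURE_TERMS if t in text],
        "deadline": bool(DEADLINE_RE.search(text)),
        # brand named in the text but the message comes from an unrelated domain
        "brand_impersonation": bool(BRAND_RE.search(text))
                               and not is_brand_host(sender_domain(msg)),
        # the campaign pivots through a genuine Facebook post, so record such
        # links as a pivot indicator instead of treating the host as safe
        "brand_post_link": any(is_brand_host(u.hostname or "") and "/posts/" in u.path
                               for u in links),
    }
    hits["suspicious"] = (len(hits["lure_terms"]) >= 2 and hits["deadline"]
                          and hits["brand_impersonation"])
    return hits
```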

Trustwave advises users to be cautious if they receive copyright infringement notices claiming to be from Facebook.

Facebook continues to be an extremely popular attack vector for would-be cybercriminals.

In October, cybersecurity researchers uncovered a campaign known as "ducktail."

Targeting companies that run ad campaigns on Facebook, "ducktail" installs malware on a victim's machine, which then collects valuable information, such as crypto wallet addresses.