A new phishing scheme relying on over 3000 fake profiles is targeting Facebook users in an attempt to steal account credentials.
Group-IB Digital Risk Protection (DRP) experts described the campaign in an advisory published today, adding that it is still active at the time of writing.
“Between February and March 2023, Group-IB researchers identified over 3,200 fraud profiles compromised or created by the cybercriminals who launched this campaign,” said Sharef Hlal and Karam Chatra of Group-IB.
“Although this scam operates in over 20 languages, Group-IB experts discovered that the majority of profiles impersonating Meta were posted in English.”
According to security experts, the ultimate goal of this campaign is to access the Facebook accounts of public figures, celebrities, corporations, sports teams, etc. to steal sensitive information and use it to gain access to other accounts.
“The latter is possible given the very common occurrence of a person using the same username and password combination across multiple services, which poses a serious risk to accounts on financial services platforms,” reads the Group-IB advisory.
From a technical perspective, the hackers involved in this campaign primarily relied on phishing websites spoofing Facebook login pages and session hijacking attacks aimed at stealing browser cookies.
“Scammers impersonate Facebook’s parent company Meta in public posts and over 220 phishing sites,” write Hlal and Chatra.
“They appropriately use the official Meta and Facebook logos on their social media profiles and phishing web pages to appear legitimate and trustworthy in the eyes of users. It has nothing to do with it and is often quickly deleted by social networks.”
The publication of the advisory, which includes a full analysis of the techniques used in this campaign, comes months after Meta took down two separate disinformation campaigns in China and Russia.