400,000 Facebook users targeted in phishing campaign

It is no secret that social media is a no-go for security and privacy advocates. With so much data collected on its users, data that is willingly shared, mind you, it is not hard to see how social media platforms can be targeted. The targeting typically comes from nefarious black hat hackers looking for a payday, either monetarily or via data that can be used in later attacks. This is the case in a recent attack campaign that went specifically after Facebook users. As reported in a post by researchers at Cyberint, a phishing campaign targeted over 400,000 Facebook users. These victims were located primarily in Israel, Norway, the United States, and Bulgaria (though many other countries had at least 1,000 confirmed victims). At the same time, as researchers note, the motivations behind the attack seem vague. For Facebook, this is another in a long line of security embarrassments to strike the social network.

According to Cyberint, the Facebook phishing campaign specifically spread a malicious link via Facebook Messenger. Further details can be found in the following excerpt from the Cyberint team’s post:

Masquerading as a link to a YouTube video sent from a contact known to the recipient, those that click on the nefarious link are, unbeknownst to them, redirected through multiple websites that first determine if the victim is using a mobile device, presumably as the attack will be less noticeable, before presenting a Facebook phishing page and, after multiple redirects, culminating in the presentation of the legitimate Google Play Store site.

Other than the theft of Facebook credentials, seemingly abused to further the reach of this campaign, the motivations or final objectives of the threat actor remain somewhat vague.

Aside from the potential for some kind of referral-fraud, assuming that the redirection chain passed the victim through websites offering affiliate schemes, it appears unusual for a phishing campaign to not culminate in the victim being returned to the targeted site.

This attack ties in well with a recent report from Kaspersky that explored the volatility of social media, namely the threat it poses to its users from a cybersecurity perspective. The report compiled a list of the social media platforms that experience the most phishing incidents. Over their period of research, Facebook topped their list with a staggering 4.5 million attack attempts.
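The redirect chain described in the Cyberint excerpt above leaves traces that a web proxy or URL sandbox can check. The following Python sketch is an added example, not code from Cyberint or from this article: it flags a click whose link was presented as YouTube, crossed several unrelated sites, and rendered a Facebook-titled page on a non-Facebook domain. The hop record layout, the finding names and the `.example` hostnames are assumptions constructed for illustration.

```python
from urllib.parse import urlsplit

# Legitimate registrable domains per brand (well-known public values).
BRAND_DOMAINS = {
    "facebook": {"facebook.com", "fb.com", "messenger.com"},
    "youtube": {"youtube.com", "youtu.be"},
}

def site(url):
    """Crude registrable domain: the last two host labels (an assumption;
    a production check would use the Public Suffix List)."""
    host = (urlsplit(url).hostname or "").lower()
    return ".".join(host.split(".")[-2:])

def analyse(lure_brand, chain):
    """Findings for one click: lure_brand is what the message claimed to
    link to, chain is the ordered hops (url, HTTP status, page title)."""
    if not chain:
        return []
    sites = [site(hop["url"]) for hop in chain]
    findings = []
    # 1. The link was presented as one brand but the first hop is elsewhere.
    if sites[0] not in BRAND_DOMAINS[lure_brand]:
        findings.append("lure_mismatch")
    # 2. The click crossed several unrelated sites.
    if len(set(sites)) >= 3:
        findings.append("multi_site_redirects")
    # 3. A rendered page claims to be Facebook but is not served by Facebook.
    for hop, s in zip(chain, sites):
        if (hop["status"] == 200 and "facebook" in hop["title"].lower()
                and s not in BRAND_DOMAINS["facebook"]):
            findings.append("facebook_login_off_domain:" + s)
    return findings

# Constructed sample chains (.example hosts are placeholders, not IoCs).
PHISH_CHAIN = [
    {"url": "https://video-share.example/watch?v=abc", "status": 302, "title": ""},
    {"url": "https://hop1.example/r", "status": 302, "title": ""},
    {"url": "https://login-fb.example/m/login", "status": 200, "title": "Log in to Facebook"},
    {"url": "https://hop2.example/out", "status": 302, "title": ""},
    {"url": "https://play.google.com/store", "status": 200, "title": "Google Play"},
]
BENIGN_CHAIN = [
    {"url": "https://youtu.be/abc123", "status": 302, "title": ""},
    {"url": "https://www.youtube.com/watch?v=abc123", "status": 200, "title": "Video - YouTube"},
]

if __name__ == "__main__":
    print(analyse("youtube", PHISH_CHAIN))
    print(analyse("youtube", BENIGN_CHAIN))
```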


Derek Kortepeter

Derek Kortepeter is a graduate of UCLA and a tech journalist who is committed to creating an informed society with regard to Information Security. Kortepeter specializes in areas such as penetration testing, cryptography, cyber warfare, and governmental InfoSec policy.
