Recently, security researchers cautioned about about a phishing scam that steals crucial personal information from Facebook users. Read on to know more…
Security researchers have cautioned about a new email phishing scam that can steal Facebook users’ personal information. According to report by Abnormal Security, an email security firm, numerous Facebook users have received emails stating that their accounts will be closed if an issue is not resolved immediately. According the report, fraudsters are mainly trying to gain access to personal information such as email addresses, passwords, dates of birth, and other details of Facebook users who manage company pages. As per the report, fraudsters are attempting to hijack the Facebook pages of a number of organizations with this phishing scam.
Fraudsters send a phishing email claiming to be from ‘The Facebook Team,’ according to the research. The email warns that infringing content may result in the user’s account being disabled or the page being removed.
The email’s message is followed by a link to a Facebook post for users to see. The article then contains a link that directs readers to a fake website where they are requested to provide personal information such as their name, email address, and password in order to file a “appeal.”
The information submitted by users is also shared with fraudsters, who can then take over the account or page and utilize it for illicit purposes, according to the research.
Working of Facebook Phishing Scam
Fraudsters send a phishing email claiming to be from ‘The Facebook Team,’ according to the report. The email warns that the Facebook user’s infringing content may result in their account being disabled or the page being removed.
The email reads “We just received a report from a third party that the content you posted infringes or otherwise violates their rights. Accordingly, your account has been repeating these actions, this means your Account might be disabled, and your page might be removed. If you believe these reports are not being made in good faith or are inaccurate, please click the link below:”
The email’s message is followed by a link to a Facebook post. The post then contains another link that directs users to a fake website where they are asked to provide their personal information such as their name, email address, and password in order to make an “appeal”.
The report further states that the information submitted by users is also shared with fraudsters, who can then take over the account or page and utilize it for illegal activities.
The report specifically mentions that “Because the threat actors use a valid Facebook URL in the email, it makes the landing page especially convincing and minimizes the chance the target will second-guess the legitimacy of the initial email.”
Mitigation
To stay secure from the phishing attacks, the email security firm recommends that you double-check the address from which you received an email. You should also think twice about submitting your login information, especially if you are entering it via a web link.