U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

A new Facebook scam in the wild aims to steal sensitive data

A new Facebook scam in the wild that aim to steal sensitive data proposing a “Facebook Recovery” Accounts that share malicious links. It’s not new that Facebook it’s the perfect place to try to get precious information and financial gain since it aggregates many people, crossing all generations. The popular social network is very attractive […]

A new Facebook scam in the wild aims to steal sensitive data

A new Facebook scam in the wild that aim to steal sensitive data proposing a “Facebook Recovery” Accounts that share malicious links.

It’s not new that Facebook it’s the perfect place to try to get precious information and financial gain since it aggregates many people, crossing all generations. The popular social network is very attractive for cyber criminals, and Facebook Scam are “on the agenda”.

This time we are talking about one of the most recent Facebook scam that was uncovered by researchers at Malwarebytes.org.

For what was observed this Facebook scam starts with a rogue account (can be a fake one or one that was stolen) sharing a shortened URL and the message is entitled “Facebook recovery” and should look like this:

Notification: Your Account will be Disabled!

Account FACEBOOK you have already been reported by others about the abuse of account, this is a violation of our

agreement and may result in your account is disabled. Please verify your email account to unblock and help us do more

for security and convenience for everyone.

Immediately do recover your Facebook account, by clicking on the link below:

hxxp://j[DOT]mp/1HloHXd?help-facebook-recovery

“Attention”

If you ignore this message, we can not recover your account and your account will be permanently disabled.

Sorry to interrupt your convenience.

The Facebook Team

facebook scam 3

When clicking on the shortened URL the user is sent to the page below:

facebook scam 4

This so called ” Center Recovery Account” it’s just a bait for the user to enter his credentials, since nowadays users worry a lot about losing credentials, and ” Once a user entered the credentials asked and click Log In, data is posted to recovery.php, and then users are redirected to this payment page, which asks for his/her full name, credit card details, and billing address” :

facebook scam 5

Keep in mind that never Facebook asks money for their users to do whatsoever, so it doesn’t make a lot of sense having a “Center Recovery Account” where they ask for some money.

The majority of victims for this Facebook Scam is located in Asian countries and in the United States:

facebook scam 6

I know that users are more careful than some years ago, but this kind of Facebook scams are still very popular. One of the reasons is the lack of awareness on cyber threats, so keep always an the eye open trying to identify suspicious situations like receiving “odd” messages, messages with broken English, and messages that ask for PII and financial information.

About the Author Elsio Pinto

Elsio Pinto (@high54security) is at the moment the Lead Mcafee Security Engineer at Swiss Re, but he also as knowledge in the areas of malware research, forensics, ethical hacking. He had previous experiences in major institutions being the European Parliament one of them. He is a security enthusiast and tries his best to pass his knowledge. He also owns his own blog Mcafee Security Engineer at Swiss Re, but he also as knowledge in the areas of malware research, forensics, ethical hacking. He had previous experiences in major institutions being the European Parliament one of them. He is a security enthusiast and tries his best to pass his knowledge. He also owns his own blog http://high54security.blogspot.com/

 

Edited by Pierluigi Paganini

(Security Affairs –  Facebook Scam, cybercrime)