A new phishing attack steals data on Facebook through friend profiles. Criminals are hacking into social network accounts and using the contact list to prospect new victims, with messages that try to convince people to click links, enter fake page addresses, and provide sensitive data. The conversation, which takes place on Facebook Messenger, induces access to a web address where a leaked video is allegedly exposed.
READ: Play with X-men becomes successful on the web; see memes
The scam was released on Tuesday (17) by the Better Business Bureau, a business analysis organization. According to the company, the attack happens when Facebook users receive messages with the context "you". The superficial phrase is intended to confuse and, at the same time, indicate a false relaxation with the victim. The effectiveness, however, is related to the hacked profiles in the social network friends list.
Phishing attack invades profiles to send fake messages on Facebook Messenger Photo: Carolina Ochsendorf / TechTudo
Want to buy a cell phone, TV and other discounted products? Meet the Compare TechTudo
The agency also detected more elaborate attempts at the same attack. In some cases, users may get a message like "Hey (your name), what are you doing on this video?". The scene cited, however, is not embodied in the conversation. At this point, the criminal asks the person to visit a specific website to check out the alleged scene. "Search your name from 1:53 on the video" completes the fake conversation.
A variation of the attack used to steal Facebook account access data. This done, criminals use the victim's contact list to sow different phishing strategies. These people receive messages that can lead to a cloned social network login page. At this point, the access data is captured and the account is used to fool new users.
Phishing strategies can also vary with messages that lead to websites of financial institutions, credit card companies, fake e-commerce stores, news portals, and mobile carrier pages.
How to delete your Facebook search history
How do phishing attacks work?
Phishing is a common data theft tactic where criminals use messages to mislead their victims. In addition to social networks, this type of attack is also distributed through email messages. The purpose may vary: Fake messages are used to steal sensitive data or to install malicious software on your computer, such as malware and ransomware.
To avoid problems, be suspicious of strange messages sent by friends and click on suspicious links. Another tip is to avoid following messages that require interactions like typing web addresses. In such cases, try to confirm it was really your friend who sent that content.
Also, learn how Facebook videos work: The social network incorporates these content into Facebook Messenger messages. Therefore, do not rely on messages where access to other sites is required to view the content. Finally, use common sense, as scammers are immediate and do not exchange messages as a way of acting. Usually, they send a single message, either via email or social network, containing everything needed to capture new victims.