Posing As A Facebook Team, These Phishers Can Steal Your Account!

JAKARTA - Social media users are often easy targets for phishing attacks, because they are easily tricked by attackers posing as the official Facebook Team.

The attack began when a user received a phishing email purporting to be from the Facebook Team, warning that the user's account might be deactivated and their Facebook page deleted, for repeatedly posting content that had been removed or was reported to violate the rights of other users.

The victim is then invited to appeal the report by clicking a link that leads to a Facebook post, and within that post there is another link that directs users to a separate website to make their appeal.

As part of the fake appeal process, users are asked to provide sensitive information, including their name and email address. Before submitting the form, users are also asked to enter their Facebook password.

All of this information is then sent to the phisher, which they can use to log into the victim's Facebook page, collect information from their account, and potentially lock the victim's account.

Later, if victims reuse their Facebook email addresses and passwords for other websites and apps, attackers can also access them.

One of the reasons phishing attacks like these work is that they create a sense of urgency. Citing ZDNet, Tuesday, April 26, the research was first reported by Abnormal Security.

"This quite often convinces recipients to give away their personal information, especially if they are using their Facebook account for business purposes," said Rachelle Chouinard, threat intelligence analyst at Abnormal Security.

In this case, users are easily fooled because the phishing email and its domain may look legitimate at first glance, but there are clues that suggest something is wrong.

For example, while the email carries Facebook branding and claims to be from Facebook itself, the sender's email address is in no way associated with Facebook. Also, attempting to reply to the sender's email redirects the message to an unrelated Gmail address.

Moreover, the wording of the email is designed to create fear in victims, frightening them with the prospect of losing their accounts.
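The clues described above (a sender domain unrelated to the brand in the display name, a Reply-To pointing at an unrelated Gmail address, and fear-driven wording) can be turned into a simple mail-filter check. The script below is an added example written for this article, not code from Abnormal Security, Facebook or ZDNet; the allow-list of brand domains, the urgency phrases and the sample message are constructed assumptions for illustration, and it handles plain-text, non-multipart messages only.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Assumed allow-list of domains a brand legitimately sends from (illustrative, not authoritative).
BRAND_DOMAINS = {"facebook": {"facebook.com", "facebookmail.com"}}
# Constructed list of pressure phrases typical of account-suspension lures.
URGENCY_PHRASES = ("deactivated", "deleted", "within 24 hours", "immediately", "appeal")


def _domain(header_value):
    """Return the lower-cased domain part of an address header, or '' if absent."""
    _, addr = parseaddr(header_value or "")
    return addr.rpartition("@")[2].lower()


def _matches(domain, allowed):
    """True if domain is one of the allowed domains or a subdomain of one."""
    return any(domain == d or domain.endswith("." + d) for d in allowed)


def phishing_indicators(raw_message):
    """Return a list of human-readable findings for a raw RFC 5322 message."""
    msg = message_from_string(raw_message)
    findings = []

    from_header = msg.get("From", "")
    display_name, _ = parseaddr(from_header)
    from_domain = _domain(from_header)
    reply_domain = _domain(msg.get("Reply-To"))

    # 1. Display name invokes a brand, but the sender domain is not one the brand uses.
    for brand, allowed in BRAND_DOMAINS.items():
        if brand in display_name.lower() and not _matches(from_domain, allowed):
            findings.append(f"display name claims '{brand}' but sender domain is {from_domain}")

    # 2. Replies would go somewhere other than the apparent sender.
    if reply_domain and reply_domain != from_domain:
        findings.append(f"Reply-To domain {reply_domain} differs from sender domain {from_domain}")

    body = msg.get_payload() if not msg.is_multipart() else ""
    body_lower = body.lower()

    # 3. Links in the body that point outside every allowed brand domain.
    all_allowed = set().union(*BRAND_DOMAINS.values())
    for host in re.findall(r"https?://([^/\s]+)", body):
        if not _matches(host.lower(), all_allowed):
            findings.append(f"link to non-brand host {host}")

    # 4. Several pressure phrases together suggest a fear-driven lure.
    hits = [p for p in URGENCY_PHRASES if p in body_lower]
    if len(hits) >= 2:
        findings.append(f"urgency language: {', '.join(hits)}")

    return findings


# Constructed sample resembling the lure described in the article (placeholder domains).
SAMPLE_PHISH = """\
From: Facebook Team <support@example-notices.test>
Reply-To: appeals.desk@gmail.com
Subject: Your account will be deactivated
Content-Type: text/plain; charset=utf-8

Your page has repeatedly posted content that violates the rights of other users.
Unless you appeal within 24 hours, your account will be deactivated and your page deleted.
Appeal here: https://www.facebook.com/example-post-placeholder
"""

# Constructed benign notification for comparison.
SAMPLE_CLEAN = """\
From: "Facebook" <notification@facebookmail.com>
Subject: You have a new friend request
Content-Type: text/plain; charset=utf-8

You have a new friend request. Open Facebook to respond.
"""

if __name__ == "__main__":
    for label, sample in (("phish", SAMPLE_PHISH), ("clean", SAMPLE_CLEAN)):
        print(label, phishing_indicators(sample))
```

The first-hop link in the sample is left pointing at facebook.com on purpose, mirroring the article's description that the email links to a Facebook post and only that post links onward; a filter relying on link hosts alone would miss this lure, which is why the sender and Reply-To checks carry most of the weight.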

In response to this, Facebook is providing users with suggestions on how to identify and report phishing attacks.

Facebook's Help Center says anyone who thinks their account has been phished should report it, change their password, and in security settings, sign out of any device they don't recognize.

Users are also advised to enable multi-factor authentication to increase account security against unauthorized logins. In addition, Google also stated that the Gmail account used as part of the phishing has now been deleted.