 |
According to analysts of Singapore-based cybersecurity company Group-IB, the creators of cyber-criminals have distributed ads promoting the alleged type of Facebook Messenger review to harvest user login details.
Facebook Messenger users have been targeted by a massive fraud campaign in at least 84 countries including Canada, the United States, France, Germany, Italy, Singapore, Malaysia and South Africa.
According to analysts of Singapore-based cyber-based security company Group-IB, the creators of cybercriminers have distributed ads promoting the alleged type of Facebook Messenger review to harvest user login details. The company found about 1,000 fake Facebook profiles involved in the scam.
To attract users' attention, fraudsters registered accounts with names like the real app, such as' Messanger ',' Meseenger ', and' Masssengar ', and used the official Facebook Messenger logo on their profile picture.
"To simplify the balancing process on Facebook and bypassing crime filters, scams shorten links created with the help of services like linktr.ee, bit.ly, cutt.us, cutt.ly, and rib.gy," Group-IB wrote on a blog .
When a user clicks on a link to download a fake app, they are directed to the fake Facebook Messenger website and login form, where they are asked to enter their credentials. Cybercriminals have used blogspot.com, sites.google.com, github.io, and Godaddysites.com to sign up for Facebook Messenger sign-in pages.
Scammers added features such as who might have visited a user profile and seen deleted messages, or even offered a switch to Gold Messenger to attract users to follow the link.
Cybercriminals also threatened users that if they did not register on the fake page, their account would be permanently blocked.
"The safety and security of our users has always been our top priority and we are investigating this matter," a Facebook spokesman said.
"We have a policy of zero tolerance for fraud in our services and we have taken immediate steps to remove illegal items as soon as possible, and strongly encourage users to report any suspicious activity."
Group-IB advised users to be careful while following short links and raise a red flag if it leads to a survey or one-page blog. Other than that, it is suggested that users should never put any personal data on websites they find on third-party resources even if they have logos of well-known brands.
Users can also pay attention to the domain of the page as scammers often register domain names with mispronounced names, as was the case with Facebook Messenger.
Posts
