A brand new phishing campaign using a fake assistant on Messenger has just been discovered by the cybersecurity company SpiderLabs. Hackers use this fraudulent way to gain access to your Facebook credentials and personal data.
It is definitely not good to surf on Facebook right now. While the Brazilian police have just got their hands on Metaverse hackers and hackers have already hijacked millions of Facebook accounts, the cybersecurity company SpiderLabs has just discovered a brand new phishing campaign.
This time around, the method has evolved somewhat, and cybercriminals now use fake Messenger chatbots to steal sensitive user information. Concretely, the victims are taken in with receiving an email pretending to be Facebook. He claims that the victim’s page ” violates the community standards of the site and that the account will be terminated within 48 hours “. The email also and above all contains a link that gives the victim the possibility of appealing the suspension of your account. A link that is often followed by victims, the latter fearing that their Facebook page will disappear for good.
This fake Facebook chatbot is trying to steal all your personal data
In this case, the victim who unfortunately clicks on the link is redirected to a website hosted on Google Firebase. This one is disguised as fake facebook assistant and it is often at this stage that the victim is taken in for good. Because the hackers will then ask for more personal information from the victim, such as email addresses, first and last names, mobile phone numbers and of course passwords.
You must know that ” Chatbots have a huge role in digital marketing and live support, so it’s no wonder cybercriminals are now abusing this feature. People are not inclined to be suspicious of its content, especially if it comes from a seemingly authentic source said the cybersecurity firm’s report.
Are we then heading towards a massive and uncontrollable hacking of personal data through this scam? Not really. Because the system put in place by hackers has some shortcomings. The fraudulent chatbot, for example, opens in a new tab, which should alert you. Then, the malicious email message contains several spelling and grammatical errors. While the page that has the fake assistant in question has an identifier with several numbers and symbols, which again should give you a clue.
Source: Trustwave