Posted on November 1, 2017 at 5:00 PM
A new phishing campaign has been targeted both Android and Apple users to steal their Facebook passwords.
A group of unknown hackers has recently launched a phishing campaign which targeted users via Facebook Messenger. So far, the campaign has mostly targeted users in Europe, including countries such as Germany, Sweden, and Finland.
Earlier this week, the security researcher from the Helsinki security firm, F-Secure, Frederic Vila confirmed that cybercriminals were targeting users by using a phishing page. The goal of the hackers is ostensible to gain access to the Facebook passwords of both Apple and Android users.
According to reports, the phishing campaign was launched by links imitating YouTube videos. Hackers used URL shortening tools to include “po.st” as well as “utm.io” in the links in order to misdirect the victim as to the real destination of the URL.
However, after an in-depth forensic analysis of the link information over a period of two weeks, researchers confirmed that this campaign has been active since 15 October. So far, the malicious links received 200 000 clicks.
F-Secure confirmed that the campaign evolved as an increasing amount of passwords were successfully stolen. In addition, the firm’s research also revealed that hackers attempted to exploit the compromised accounts for ad fraud.
In their report, Vila stated that the hackers responsible used the login credentials to continue to spread the dangerous links, which in turn, garnered them more stolen information.
Vila added that during this process, the hackers also aimed to gain access to other users, via ad-fraud.
Vila stated that an exacerbating factor to the phishing campaign is perhaps the fact that Facebook allows users onto the platform who use an email address as a username.
In the published report, Vila wrote that by merely commencing the phishing attack, hackers were able to access login credentials, which they then used for secondary attacks. These included gaining access to other platforms that could have more damaging effects, such as banking websites.
So far, Vila and his team have cautioned users to immediately change their passwords, both on Facebook and any other online network or service that uses the same password.
Facebook has often been the victim of phishing campaigns. Earlier this year in August, security researchers from the Russian firm, Kaspersky Lab, discovered that hackers were spreading malicious links via Facebook Messenger. The links directed users to advanced adware platforms.