Security News > 2020 > October > Facebook “copyright violation” tries to get past 2FA – don’t fall for it!

Facebook “copyright violation” tries to get past 2FA – don’t fall for it!
2020-10-27 19:58

Notification of Alleged Copyright Violation Recently there have been reports citing copyright violations of your Page posts.

The link on the Facebook page above looks as though it stays on facebook.com, but the URL you see in blue above isn't the URL you visit if you click it.

The link on the fraudulent Facebook page in this scam takes you off to an external site using a.CF domain.

Interestingly, and ironically, the crooks have made the password entry form look like an additional security precaution, thus justifying the password prompt even if you are already authenticated to the real Facebook site.

The crooks also try to trick you into entering in the 2FA code from the Facebook app on your phone, potentially giving them a one-shot chance to login as you directly from their server, even if you have 2FA enabled.


News URL

https://nakedsecurity.sophos.com/2020/10/27/facebook-copyright-violation-tries-to-get-past-2fa-dont-fall-for-it/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Facebook 30 2 44 52 19 117