Security News > 2022 > June > Massive Facebook Messenger phishing operation generates millions
Researchers have uncovered a large-scale phishing operation that abused Facebook and Messenger to lure millions of users to phishing pages, tricking them into entering their account credentials and seeing advertisements.
While it is unknown how the campaign initially started, PIXM states victims arrived at phishing landing pages from a series of redirects originating from Facebook Messenger.
As more Facebook accounts were stolen, the threat actors used automated tools to send further phishing links to the compromised account's friends, creating massive growth in stolen accounts.
While Facebook has protection measures to stop the dissemination of phishing URLs, the threat actors used a trick to bypass these protections.
By diving deeper, the researchers identified 405 unique usernames used as campaign identifiers, each having a separate Facebook phishing page.
These phishing pages had page views ranging from only 4,000 views to some in the millions, with one as high as 6 million page views.