Security News > 2022 > June > Facebook phishing campaign nets millions in IDs and cash

Facebook phishing campaign nets millions in IDs and cash
2022-06-09 17:46

An ongoing phishing campaign targeting Facebook users may have already netted hundreds of millions of credentials and a claimed $59 million, and it's only getting bigger.

Identified by security researchers at phishing prevention company Pixm in late 2021, the campaign has only been running since the final quarter of last year, but has already proven incredibly successful.

The flow of this phishing campaign isn't unique: Like many others targeting users on social media, the attack comes as a link sent via DM from a compromised account.

"In terms of what lands in , it's a link generated using a legitimate service that Facebook could not outright block without blocking legitimate apps and links as well," Pixm said in its blog post reporting the campaign.

As mentioned above, Pixm identified some 400 unique phishing pages; an analysis of a random 17 of them showed an average of 985,228 page views.

Pixm claims to have identified the individual behind the campaign and has handed their evidence over to INTERPOL and the police in Columbia, where the person they identified allegedly operates out of.


News URL

https://go.theregister.com/feed/www.theregister.com/2022/06/09/facebook_phishing_campaign/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Facebook 30 2 44 52 19 117