Facebook phishing campaign nets millions in IDs and cash

2022-06-09 17:46

An ongoing phishing campaign targeting Facebook users may have already netted hundreds of millions of credentials and a claimed $59 million, and it's only getting bigger.

Identified by security researchers at phishing prevention company Pixm in late 2021, the campaign has only been running since the final quarter of last year, but has already proven incredibly successful.

The flow of this phishing campaign isn't unique: Like many others targeting users on social media, the attack comes as a link sent via DM from a compromised account.

"In terms of what lands in , it's a link generated using a legitimate service that Facebook could not outright block without blocking legitimate apps and links as well," Pixm said in its blog post reporting the campaign.

As mentioned above, Pixm identified some 400 unique phishing pages; an analysis of a random 17 of them showed an average of 985,228 page views.

Pixm claims to have identified the individual behind the campaign and has handed their evidence over to INTERPOL and the police in Columbia, where the person they identified allegedly operates out of.

News URL

https://go.theregister.com/feed/www.theregister.com/2022/06/09/facebook_phishing_campaign/

#facebook #IDS #phishing

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Facebook		29	0	11	46	54	111