Security News

Facebook 2FA phish arrives just 28 minutes after scam domain created
2022-07-01 20:01

At 19 minutes after 3 o'clock UK time today , the criminals behind this scam registered a generic and unexceptionable domain name of the form control-XXXXX.com, where XXXXX was a random-looking string of digits, looking like a sequence number or a server ID:. 28 minutes later, at 15:47 UK time, we received an email, linking to a server called facebook. We've highlighted the error message "Password incorrect", which comes up whatever you type in, followed by a repeat of the password page, which then accepts whatever you type in.

Malicious Messenger chatbots used to steal Facebook accounts
2022-06-28 13:00

A new phishing attack is using Facebook Messenger chatbots to impersonate the company's support team and steal credentials used to manage Facebook pages. In a new campaign discovered by TrustWave, threat actors use chatbots to steal credentials for managers of Facebook pages, commonly used by companies to provide support or promote their services.

Messenger chatbots now used to steal Facebook accounts
2022-06-28 13:00

A new phishing attack is using Facebook Messenger chatbots to impersonate the company's support team and steal credentials used to manage Facebook pages. In a new campaign discovered by TrustWave, threat actors use chatbots to steal credentials for managers of Facebook pages, commonly used by companies to provide support or promote their services.

Inside a large-scale phishing campaign targeting millions of Facebook users
2022-06-23 04:30

In this video for Help Net Security, Nick Ascoli, VP of Threat Research, PIXM, discusses a massive phishing campaign has successfully stolen an estimated five million Facebook accounts. The campaign continues to spread virally through Facebook Messenger on mobile devices as the primary target vector.

Facebook Messenger Scam Duped Millions
2022-06-16 10:59

For months now, millions of Facebook users have been duped by the same phishing scam that cons users into handing over their account credentials. According to a report outlining the phishing campaign, the scam is still active and continues to push victims to a fake Facebook login page where victims are enticed to submit their Facebook credentials.

Facebook phishing campaign nets millions in IDs and cash
2022-06-09 17:46

An ongoing phishing campaign targeting Facebook users may have already netted hundreds of millions of credentials and a claimed $59 million, and it's only getting bigger. Identified by security researchers at phishing prevention company Pixm in late 2021, the campaign has only been running since the final quarter of last year, but has already proven incredibly successful.

A cybercriminal stole 1 million Facebook account credentials over 4 months
2022-06-09 17:03

A cybercriminal stole 1 million Facebook account credentials over 4 months. As phishing attacks continue to be a go-to for threat actors, one scam found that a user had stolen a million Facebook account credentials over a span of just four months.

Massive Facebook Messenger phishing operation generates millions
2022-06-08 18:54

Researchers have uncovered a large-scale phishing operation that abused Facebook and Messenger to lure millions of users to phishing pages, tricking them into entering their account credentials and seeing advertisements. While it is unknown how the campaign initially started, PIXM states victims arrived at phishing landing pages from a series of redirects originating from Facebook Messenger.

Facebook opens political ad data vaults to researchers
2022-05-24 16:30

Meta's ad transparency tools will soon reveal another treasure trove of data: advertiser targeting choices for political, election-related, and social issue spots. Meta said it plans to add the targeting data into its Facebook Open Research and Transparency environment for academic researchers at the end of May. The move comes a day after Meta's reputation as a bad data custodian resurfaced with news of a lawsuit filed in Washington DC against CEO Mark Zuckerberg.

Facebook rated least safe e-commerce option in government rankings
2022-05-17 07:55

A newly implemented e-commerce rating system in the city-state of Singapore has rated Facebook's Marketplace as the least trustworthy e-commerce platform, behind Amazon and its Alibaba-owned Asian analogue Lazada. The ratings system, known as the E-commerce Marketplace Transaction Safety Ratings [PDF], was launched on May 14th by the Inter-Ministry Committee on Scams.