Facebook is the number one target for scammers, with three out of four websites imitating the platform, new research finds.
A Norton Labs study revealed eight ways in which scammers prey on vulnerable users, with Facebook being at the top of the threat actors’ list.
With over four billion users, social media has received much attention from scammers. And while attacks are getting more sophisticated, certain vectors remain the same.
For example, classic login phishing is still widely used. Cybercriminals create fake websites that closely resemble real ones with hopes of stealing user credentials. Facebook (73%) and Instagram (17%) are amongst the most impersonated websites.
Similarly, crooks set up fake pages and report unauthorized access to a user’s account, aiming to scare them into revealing sensitive information.
Another common attack vector includes the so-called copyright violation notice. Pretending to lock the victim’s account, threat actors convince them to provide login credentials to receive access to the profile.
Criminals also create websites that claim to provide verified badges. Such badges are commonly used to distinguish verified or popular accounts, with users eventually receiving more exposure. Malicious actors use these websites to lure victims into giving their details in exchange for a badge or threaten to take the badge away from verified accounts if they do not log in through a phishing website.
However, users often voluntarily subject themselves to potential hacking. Some opt for hacking services to get access to others’ accounts (for example, an unfaithful partner) or to receive personal information, such as someone’s email address.
“In most cases, the goal of these campaigns is not to steal credentials, but to continuously redirect victims and monetize from other services such as ads or surveys,” the report explains.
Certain malicious hackers also offer fake follower generator services at low or no cost. Users who accept such an offer may be redirected to attacker-controlled websites that display ads, be forced to install malicious software, or give up their login details.
More advanced phishing campaigns intercept temporary codes to break into profiles with two-factor authentication enabled.
“Those tokens are generally tied to the victim’s device and allow to perform privileged operations such as modifying personal details or login credentials.”
Finally, by posing as prominent social media brands, threat actors pretend that there is a problem with the victim’s account and deceive them into providing credit card details.