Over 1,000 fake Facebook accounts were discovered in a large-scale scam aimed at Facebook Messenger users in over 80 countries worldwide, claims research by a team of analysts at cyber intelligence company Group-IB.
Researchers claim that fake accounts were distributing ads promoting an ‘updated version of Facebook Messenger.’ The move allowed cybercriminals to harvest users’ login credentials in Europe, North and South America, Asia, and the Middle East.
“Living in the era of instant-everything, clicking on an attractive ad, proposal, headline became a natural human reflex. This didn’t come unnoticed by fraudsters who have been relentlessly feeding on users’ carelessness,” Dmitry Tiunkin, Group-IB’s head of digital risk protection Europe, is quoted as saying in a press release.
Carrot and stick
The report claims that the number of Facebook posts penned to invite users to install the fraudulent app reached 5,700. Ironically, scammers used Facebook to trick users into giving their credentials to log in to Facebook.
Fraudsters registered accounts that resemble the real app by using somewhat similar names such as ‘Messanger,’ ‘Meseenger,’ ‘Messsengar’ and used the official logo for the real Messenger app as the profile picture for the fake pages and accounts.
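As an added illustration (not code from Group-IB or Facebook), the sketch below shows how a moderation or brand-protection check could flag such near-miss names by edit distance from the real brand. The threshold of 2 and the function names are assumptions chosen for this example.

```python
import re

BRAND = "messenger"   # the name being impersonated, per the report
MAX_DISTANCE = 2      # assumed threshold; covers the three names quoted above


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance, computed with a rolling single-row table."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, start=1):
        cur = [i]
        for j, cb in enumerate(b, start=1):
            cur.append(min(
                prev[j] + 1,                # delete a character from a
                cur[j - 1] + 1,             # insert a character into a
                prev[j - 1] + (ca != cb),   # substitute, or free match
            ))
        prev = cur
    return prev[-1]


def lookalike_tokens(display_name: str, brand: str = BRAND,
                     max_distance: int = MAX_DISTANCE):
    """Return (token, distance) for every word that nearly spells the brand."""
    hits = []
    for token in re.findall(r"[a-z]+", display_name.lower()):
        # A length gap larger than the threshold can never be within it.
        if abs(len(token) - len(brand)) > max_distance:
            continue
        distance = edit_distance(token, brand)
        # Distance 0 is the correctly spelled name, not a misspelling.
        if 0 < distance <= max_distance:
            hits.append((token, distance))
    return hits


if __name__ == "__main__":
    # First three names are quoted in the article; the rest are constructed.
    samples = ["Messanger", "Meseenger", "Messsengar",
               "Messenger", "Messsengar Update", "Photo Editor", "Passenger"]
    for name in samples:
        print(f"{name!r}: {lookalike_tokens(name) or 'no near miss'}")
```

At this threshold an ordinary word such as "Passenger" is also two edits from the brand, so a hit marks an account for review rather than proving impersonation.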
To bypass Facebook’s scam filters, threat actors used popular URL shortener platforms. Clicking on a link led victims to a supposed Facebook download site that asked them to provide the email address and password for their Facebook account. To keep up appearances, fraudsters employed a user interface that closely resembles Facebook Messenger.
The report claims that, to lure users in, the fake update was said to let users find out who had visited their profile and see deleted messages, or even offered a switch to ‘Gold Messenger.’ Some users were blackmailed into updating by fraudsters claiming that Facebook accounts without the update would be banned.
Facebook users have been a prime target for cybercriminals in the past weeks. At the beginning of April, the personal data of 533M Facebook users leaked online. According to the CyberNews investigation team, this database has been for sale on the same forum since last June.
However, the same data was later published online for free, meaning it is highly probable that scammers will target more Facebook users in the future.
Facebook hasn’t been the only social platform to suffer from leaks recently. LinkedIn and Clubhouse users’ data was also leaked this month, raising questions about whether social networks take their users’ data privacy seriously.