The hackers they constantly update the attack methods they use in order to be successful. The security measures, the updates and also the greater knowledge of the users means that what used to work for them before, now maybe not. In this case they use a new trick that is based on using both email and Facebook. We are going to explain what it consists of and what you should do to avoid problems and prevent information or passwords from being stolen.
New Phishing uses Facebook and email
The Phishing it basically consists of sending a false message to the victim. It may contain a link that takes them to a page they have created to steal passwords, for example. Email providers, such as Gmail, have greatly improved filters and most of these emails end up in the Spam folder or never arrive.
For bypass that block, what cybercriminals have now come up with is a trick that combines Facebook and email itself. What they do is use Facebook posts as part of the attack to trick them into handing over certain data and information. They send an email alerting you to an alleged copyright infringement issue in that Facebook post.
As they usually do, they play with time. They alert the victim that because of that alleged infringement in 48 hours they will delete the account if they do not send an appeal to prevent it from happening. They use a supposed Facebook page, with the logo included, with a false link that actually leads to a Phishing site.
That link leads to a fraudulent page where they will ask for complete information such as name, telephone number, Facebook username, etc. By sending this data, that site also collects information such as the victim’s IP or geolocation. The goal is to gain control of the Facebook account.
It should be noted that these false links generally appear shortened. In this way they prevent the victim from seeing a long, strange URL, and suspecting more than one possible scam and never clicking.
How to avoid these attacks
So what can we do to prevent these types of attacks? Unfortunately, this trick that combines Facebook and mail is not something isolated. That is, there are many similar attacks that can target your bank accounts, other social networks, etc. Is essential avoid making mistakes. Never log in via links that may come to you via email or social media, even if they appear to be official. Ideally, you should go directly to the official website and in case of doubt, contact that platform.
It is also important that you have a good anti virus. In this way, your system will be protected and you will be able to detect threats in the form of malware that you can download by mistake. For example, a keylogger that collects your passwords, spyware, trojans, etc. There are many types of malicious software.
On the other hand, having the updated device it will be of great help. It is very important to correct possible vulnerabilities that may exist. Always check this and make sure you have the latest versions installed.
In short, as you can see, we are facing a new campaign that seeks to steal Facebook accounts. Avoiding the hijacking of social networks is essential to avoid problems. You can take into account the advice that we have given to avoid stealing passwords or sneaking in some malware.
