Attackers distribute offers to install the “latest update” of the messenger disguised as official Facebook posts. Victims risk losing access to their accounts and “leaking” their personal data
Experts from Group-IB Company, engaged in the prevention of cyberattacks and investigations of cybercrimes, discovered a fraudulent scheme used by criminals to trick users of Facebook, the most popular social network in the world, and to steal their personal data.
As specialists found out, the scammers were spreading fake posts on the Internet, in which they offered users to update the Facebook Messenger application. At the same time, the name of the fake application, as a rule, was different from the original by several characters: for example, Messanger or Meseenger.
The publications used a real Facebook Messenger icon to make it more authentic. At the same time, the scammers wrote in posts about new messenger features, some of which were fictitious. In particular, they offered their potential victims to download a non-existent Gold version of the messenger.
The message also contained a short link, which led users to a phishing site with a form for authorization. As a result, users risked giving fraudsters their personal data and access to their Facebook account.
The scheme was discovered in the summer of 2020. By April 2021, the number of fraudulent posts, in which users were offered to update their messenger, reached 5.7 thousand. According to Group-IB, cybercriminals targeted users from 84 countries, including Europe, Asia, North and South America.
According to Group-IB, in order not to become a victim of fraudsters, it is necessary to download applications and updates only from the official stores of mobile applications and trust only verified accounts of the companies from which advertising publications are sent.
In addition, experts advised to follow short links with caution and always carefully check the domain name, since attackers often register similar names. “Log in the messenger only on the official site and in official applications!”, urged the experts urged.
Earlier, E Hacking News reported that a new vulnerability has been discovered that could enable a remote attacker to deactivate WhatsApp on one’s phone using nothing more than their phone number.