Cyber criminals now use messaging apps to harvest data – FBI
The Federal Bureau of Investigation (FBI) agents have issued a
warning about a new scam that targets instant messaging apps, including
Facebook Messenger.
The scam attempts to trick users into opening a malicious link that harvests their personal data and login credentials for social networks, like Facebook.
In a bid to coerce people into opening the suspicious URL, cyber criminals pose a question to their targets: ‘Hey I saw this video. Isn’t this you?’
Although the original warning from the FBI highlighted Facebook Messenger as a particular platform of concern, this has since been amended after the scam was found on other rival platforms.
It’s unclear how many people have been hit by the latest scam, or how exactly cyber criminals are generating revenue.
However, email address and password combinations used to login to popular social networks and websites are regularly sold on the dark web.
The most common version of the scam highlighted by the FBI’s Portland office takes the user to a fraudulent website designed to resemble the Facebook login page.
The webpage is a fake controlled by a fraudster who is able to steal any details inputted by users mistakenly believing they’re logging into their Facebook account.
If people use the same email address and password combination on other websites, hackers can use the stolen details to login to those as well.
This can allow criminals access to online banking, or frequent flyer miles.
Other forms of the scam can be more direct in approach, taking targeted users to a page that automatically harvests their login credentials, the FBI warns.
According to the FBI staff member, they first witnessed the scam after they were contacted by a friend on Facebook Messenger.
‘The message included a video link and read: “Hey I saw this video. Isn’t this you?”,’ the FBI agent explained. ‘I was suspicious, so I didn’t click on the link.
‘The next day he contacted me outside of the app and said that fraudsters had hacked his account and to not click on any of the links that were sent because they contained a computer virus.’
Warning the public, the FBI said: ‘The best way to spot and avoid these scams is to avoid clicking on any links that you receive from friends or family until you contact the sender outside of app to verify that he was the one who really sent the message.
‘If you are concerned about the legitimacy of a particular account, report it through Facebook.’
The scam attempts to trick users into opening a malicious link that harvests their personal data and login credentials for social networks, like Facebook.
In a bid to coerce people into opening the suspicious URL, cyber criminals pose a question to their targets: ‘Hey I saw this video. Isn’t this you?’
Although the original warning from the FBI highlighted Facebook Messenger as a particular platform of concern, this has since been amended after the scam was found on other rival platforms.
It’s unclear how many people have been hit by the latest scam, or how exactly cyber criminals are generating revenue.
However, email address and password combinations used to login to popular social networks and websites are regularly sold on the dark web.
The most common version of the scam highlighted by the FBI’s Portland office takes the user to a fraudulent website designed to resemble the Facebook login page.
The webpage is a fake controlled by a fraudster who is able to steal any details inputted by users mistakenly believing they’re logging into their Facebook account.
If people use the same email address and password combination on other websites, hackers can use the stolen details to login to those as well.
This can allow criminals access to online banking, or frequent flyer miles.
Other forms of the scam can be more direct in approach, taking targeted users to a page that automatically harvests their login credentials, the FBI warns.
According to the FBI staff member, they first witnessed the scam after they were contacted by a friend on Facebook Messenger.
‘The message included a video link and read: “Hey I saw this video. Isn’t this you?”,’ the FBI agent explained. ‘I was suspicious, so I didn’t click on the link.
‘The next day he contacted me outside of the app and said that fraudsters had hacked his account and to not click on any of the links that were sent because they contained a computer virus.’
Warning the public, the FBI said: ‘The best way to spot and avoid these scams is to avoid clicking on any links that you receive from friends or family until you contact the sender outside of app to verify that he was the one who really sent the message.
‘If you are concerned about the legitimacy of a particular account, report it through Facebook.’
No comments