ESET network security experts have discovered a new scam that is hijacking Facebook users’ accounts to send malicious spam to more people. As noted in the announcement, a new threat spread by Facebook Messenger relies on a personalized message asking for help in an anonymous vote.
Phishing is designed to use the name of a potential victim. This is known, but unfortunately, it is still believed, cunning by cyber criminals. After entering the given contacts, a fake Facebook login page is displayed. Fraudsters take the victim’s account and further spread spam use captured data with its help. In the next step of the trap, the user is asked to provide additional personal information, says Kamil Sadkowski, a senior threat analyst at ESET.
The hijacked Facebook accounts were used to raise money!
CERT Polska, on the other hand, reports on the use of hijacked Facebook accounts to make money. Contrary to the warnings we have warned against now, this time criminals send a link leading to a fake PayU payment gateway. Then the victim has the option to choose the payment method, and currently the only option that works to transfer by logging into electronic bank account added.
As a result, providing real-time access to fake websites leads to the theft of money from a hijacked account. Experts say they have warned several times about the alleged fraudulent scheme using hijacked Facebook accounts.