Gmail, Hotmail users beware! This fake email steals Facebook details
Gmail and Hotmail users are being advised to be on the lookout for a scam email disguising as a message from the Facebook Support team. Claiming the user's Facebook account might get deleted, it eventually steals their personal details, including usernames and passwords. The issue was flagged by Trustwave's cybersecurity experts who warned similar tactics might be used by fraudsters again in the future.
Why does this story matter?
The only purpose of these scam messages is to retrieve details of a user's Facebook account. If the same details (including email IDs and passwords) are used for other activities like banking and online shopping, a financial blow is quite possible. The fake Facebook pages associated with the con have reportedly been taken down. However, other cybercriminals might be motivated to take similar steps.
How are the victims duped?
The fraud email flagged by Trustwave was labeled "New message from Facebook." It said the user's page would get deleted within 48 hours for violating community standards unless they appeal the decision by visiting the support inbox. It also contains a fake link to chat with the Facebook Support team on Messenger, which is nothing but a trick to steal the victim's login details.
All details including two-factor authentication requested
As part of the appeal procedure, users are asked to provide their full name, mobile number, email address, and page name. Those who have enabled two-factor authentication in their account are also asked to furnish those details.
What are the warning signs?
There are a few ways to identify scam emails. Firstly, the sender's email address should be the one associated with the official Facebook domain instead of a garbled address. Secondly, there should be no grammatical errors in official correspondences. If you receive one with such errors, reach out to the official website of the organization in question and contact the concerned persons without delay.
'This campaign is a perfect social engineering technique'
Describing the gravity of the threat posed by scam messages, Trustwave said, "Chatbots serve a huge purpose in digital marketing and live support, so it is no wonder that cyber attackers are now abusing this feature." "The fact that the spammers are leveraging the platform that they are mimicking makes this campaign a perfect social engineering technique," it added.
