Watch out for “I can’t believe he’s gone” Facebook phishing posts


A widespread Facebook phishing campaign stating, “I can’t believe he’s gone. I’m gonna miss him so much,” leads unsuspecting users to a website that steals their Facebook credentials.

This phishing attack is ongoing and widely spread on Facebook through friends’ hacked accounts, as the threat actors build a massive army of stolen accounts for use in further scams on the social media platform.

As the posts come from your friends’ hacked accounts, they look more convincing and trustworthy, leading many to fall for the scam.

The phishing campaign started around a year ago, with Facebook having trouble blocking the posts as they continue to this day. However, when new posts are created and reported, Facebook deactivates the Facebook.com redirect link in the post so that they no longer work.

“I can’t believe he’s gone” scam

The Facebook phishing posts come in two forms, with one simply stating, “I can’t believe he’s gone. I’m gonna miss him so much,” and containing a Facebook redirect link.

The other uses the same text but shows what appears to be a BBC News video of a car accident or other crime scene, as shown below.

Facebook “I’m gonna miss him so much” phishing posts
Source: BleepingComputer

When BleepingComputer tested the links in the phishing posts, they brought us to different sites depending on the type of device being used.

Clicking on the link from the Facebook app on a mobile device brings visitors to a fake news site called ‘NewsAmericaVideos’ that prompts them to enter their Facebook credentials to confirm their identity and watch the video.

To entice a visitor to enter their password, the site shows what appears to be a blurred-out video in the background, which is simply an image downloaded from Discord.

Facebook phishing page
Source: BleepingComputer

Once you enter your Facebook credentials, the threat actors will steal them, and the site will redirect you to Google.

While it is not known what the stolen credentials are used for, the threat actors likely use them to further promote the same phishing posts through the hacked accounts.

Visiting the phishing pages from a desktop computer causes a different behavior, with the phishing sites redirecting users to Google or other scams promoting VPN apps, browser extensions, or affiliate sites.

This phishing scam is widely spread, with BleepingComputer seeing numerous posts created daily by friends and family who unwittingly had their accounts hacked by the same scam.

As this phishing attack does not attempt to steal two-factor authentication (2FA) tokens, it is strongly advised that Facebook users enable 2FA to prevent their accounts from being accessed if they fall for a phishing scam.

Once enabled, Facebook will prompt you to enter a unique one-time passcode each time your credentials are used to log in to the site from an unknown location. As only you will have access to these codes, the threat actors cannot log in even if your credentials are stolen.

For the best security, when enabling two-factor authentication on Facebook, use an authentication app rather than SMS texts, as your phone number can be stolen in SIM swapping attacks.

Update 1/21/24: Article updated to clarify this phishing campaign started a year ago.
