Hackers are sending fake copyright infringement notices to Facebook users to steal their credentials, a new research by Avanan has found.
In a phishing attack that primarily targets organization accounts, users would receive fake copyright infringement notices threatening to terminate their pages – unless they immediately take action.
"Your account has been suspended. This is because your account, or activity on it, doesn't follow our Community Standards," read one of such messages shared by Avanan.
The fake notice went on to say that a photo uploaded to the account's page violated Facebook's copyright infringement policy and that the decision could be appealed within 24 hours.
"If you miss the deadline, your account will be permanently disabled," the message warned, instructing to follow a link to make an appeal.
While the link looked legitimate, hovering over it made it clear it did not lead to a Facebook-related page, Avanan said. Instead, it led to a credential-harvesting website.
Researchers also noted that the sender's address was visibly fake but said the spoof email was otherwise "fairly believable." Like all effective phishing schemes, it plays on the urgency of a matter and even mentions the page it targets by name.
Organizations that rely on their Facebook page for advertisement, awareness, and other business activities could be particularly vulnerable, Avanan said.
"Filing a quick appeal seems reasonable. That's where the hackers try to get you," it said, adding that "waves" of these emails indicate the scam was working.
"When we see a number of similar attacks spoofing the same brand, we know that the hackers are getting people to bite," researchers noted.
Security professionals advise users to always hover over all links before clicking them and double-check sender addresses to avoid getting duped. Instead of clicking on the link in the email, it is advisable to log into the Facebook account directly to check its status.
Source: cybernews.com
