MILLIONS of Facebook users have been fooled by a phishing scam that tricks victims into revealing their account details – leaving them open to attack.
According to experts, the scam is still active on the social networking site.
Researchers said the Facebook credential-gathering campaign has been active since September 2021, and at a scale that “has potentially impacted hundreds of millions of users.”
The company found that one of the cybercriminals they were pursuing had managed to use the scam to steal a million credentials in just four months.
Facebook owner Meta has yet to respond to our request for comment regarding the scam.
How to know if you have been scammed
Since the scam works by tricking users into revealing their Facebook credentials via numerous phishing sites, anyone who has been a victim of this attack will be redirected to a website with ads and surveys after completing the fake login page.
The victim’s Facebook account would then be used to further spread the campaign, likely through Messenger.
So, your contacts will receive messages from you asking them to log in on the same dummy page you were tricked by.
This is how you stay safe
Certified security specialist and security consultant James Bore told The Sun that people need to stay more vigilant than ever when using Facebook, especially after the discovery of this phishing campaign.
“Although these phishing attacks may seem obvious, they can catch even cautious or experienced users in a moment of inattention,” he warned. “There are a huge number of these scams out there because they are very profitable for the criminals behind them.”
He says the most useful thing you can do to stay safe is to develop the habit of stopping and checking whenever you’re asked to do something unusual or new.
Common sense is the best weapon against this type of attack.
Examine the website: you must make sure it’s legitimate before disclosing any confidential information.
However, some of the new methods used by attackers are becoming increasingly convincing, allowing even the most experienced users to fall victim to this type of attack.
If you think you’ve been hit by this attack, report it to Facebook through the site’s reporting channels and change your account password immediately. Also, make sure to turn on two-factor authentication if you haven’t already.
The UK’s National Cyber Security Centre also recommends reporting the hack, or similar, via the Action Fraud website, the UK’s national fraud and cybercrime reporting agency.
https://www.thesun.ie/tech/9008947/facebook-hack-phishing-millions-attack/ Alerting EVERY Facebook user after “Hundreds of Millions” of stolen logins – what you need to do