An international research conducted by analysts at cyber intelligence company Group-IB found more than 1000 fake accounts on the messaging app Facebook Messenger over the last year. These fake accounts promoted ads on the website offering users the ability to upgrade to a newer version of Facebook Messenger, which didn’t exist. Innocent users who clicked on the link saw their Facebook login credentials stolen and misused by cybercriminals. This large-scale scam was discovered in over 80 countries worldwide in Europe, North and South Americas, Asia, and the Middle East, according to CyberNews.
Group-IBs head of digital risk protection in Europe, Dmitry Tiunkin, stated that in today’s digital environment users are fascinated by such ads and promotions which offer to improve their online experience. This aspect has been noticed by cybercriminals who have begun to use this opportunity to take advantage of users’ innocence and naivety to conduct mass scamming operations.
How it Was Done
In the report published by Group-IB, the observed number of posts on Facebook which invited users to click on suspect links to download the Messenger update was more than 5,700. Despite being displayed on Facebook itself, the link required users to input their Facebook login credentials once again, which tricked people into believing it was some form of a verification check.
To increase the legitimacy of the app, fraudsters created Facebook accounts and pages with names similar to Messenger, such as ‘Messanger’ or ‘Messsengar.’ Alongside this, the actual logo of the Messenger app was put in the profile picture for these accounts, which tricked others into believing that it was authentic.
Facebook possesses a rigorous scam filter that detects unsolicited posts and links, which helps to identify spam accounts and suspend them. The hackers bypassed this security check by using popular URL shortener platforms. This allowed scammers to continue with their operations without alerting the algorithm. Once users clicked on these links, they were redirected to a supposed Facebook Messenger download website that requested a Facebook email address and password to access it.
It is said in the report that in order to reel in users, the update advertised fake features such as the ability to find out who viewed your profile, to be able to see previously deleted messages sent to you, or even an upgrade to the non-existent Messenger Gold service. On some occasions, users were told to update the app to prevent their Facebook accounts from being banned.
More Platforms Targeted?
Cybercriminals have relished the opportunity to scam users through Facebook recently. At the start of April, more than 533 million Facebook users saw their personal information leaked online. The CyberNews investigation team stated that this data has been available for sale on an online forum since June of last year. However, the same data was published online, later on, free of charge, indicating that this may be just the beginning of scams facing the social media platform.
Aside from Facebook, LinkedIn and Clubhouse also saw recent breaches in data, with both websites having seen leaked information of users being put up on online forums, which begs the question: is any social media website safe from scammers? And what will they do to ensure they provide a secure service to maintain users’ privacy.