Facebook Messenger users in over 80 countries hit by large-scale scam

According to analysts at a Singapore-based cybersecurity firm Group-IB, cybercriminals distributed ads promoting an allegedly updated version of Facebook Messenger to harvest users’ login credentials.

April 22, 2021 07:02 pm | Updated 10:53 pm IST

Facebook ad promoting a fake Facebook Messenger update.

Facebook ad promoting a fake Facebook Messenger update.

(Subscribe to our Today's Cache newsletter for a quick snapshot of top 5 tech stories. Click here to subscribe for free.)

Users of Facebook Messenger have been targeted in a large-scale scam campaign in at least 84 countries including Canada, the United States, France, Germany, Italy, Singapore, Malaysia, and South Africa.

According to analysts at a Singapore-based cybersecurity firm Group-IB, cybercriminals distributed ads promoting an allegedly updated version of Facebook Messenger to harvest users’ login credentials. The firm found about 1,000 fake Facebook profiles that were involved in the scam.

To draw users’ attention, fraudsters registered accounts with names similar to the real app, such as ‘Messanger’, ‘Meseenger’, and ‘Masssengar’, and used Facebook Messenger's official logo in their profile picture.

“To facilitate the moderation process in Facebook and to bypass its scam filters, scammers shortened links created with the help of services like linktr.ee, bit.ly, cutt.us, cutt.ly, and rb.gy,” Group-IB wrote in a blog post.

Once a user clicked on the fake app download link, they were directed to a fake Facebook Messenger website with a login form, where they were asked to enter their credentials. Cybercriminals used blogspot.com, sites.google.com, github.io, and godaddysites.com to register fake Facebook Messenger login pages.

Also Read : Explained | How Facebook’s recent data breach affect its users

Scammers added features like the possibility to find out who visited an user profile and saw the messages that were deleted, or even offered to shift to Gold Messenger to lure users into following the link.

Cybercriminals also threatened users that if they didn’t sign up on the fake page, their account would be banned forever.

“The safety and security of our users is always our top priority and we are investigating this matter,” a Facebook spokesperson said.

“We have a zero-tolerance policy to scams on our services and take immediate action to remove illegal activity as quickly as possible, and strongly encourage users to report any suspicious activity.”

Group-IB advised users to be cautious while following shortened links and raise a red flag if it leads to a poll or one-page blog. Besides, it suggested that users never enter any personal data on websites to which they got from third-party resources even if they have logos of well-known brands.

Users can also pay attention to the domain of the page as fraudsters often register domain names misspelling brand names, as it was the case with Facebook Messenger.

Top News Today

Comments

Comments have to be in English, and in full sentences. They cannot be abusive or personal. Please abide by our community guidelines for posting your comments.

We have migrated to a new commenting platform. If you are already a registered user of The Hindu and logged in, you may continue to engage with our articles. If you do not have an account please register and login to post comments. Users can access their older comments by logging into their accounts on Vuukle.