(Subscribe to our Today's Cache newsletter for a quick snapshot of top 5 tech stories. Click here to subscribe for free.)
Security researchers have uncovered a phishing and credit card fraud operation that targeted hundreds of thousands of Facebook users.
According to cyber security firm vpnMentor, the scam was discovered after researchers found an unsecured database containing 13.5 million records, totalling over 5.5GB of data, used by fraudsters to store private data of victims.
While the data came from a short timeframe, between June and September 2020, researchers believe the scam was probably much more extensive and had been operating for far longer.
Cybercriminals tricked Facebook users into providing login credentials for their private accounts through a tool pretending to reveal who was visiting their profiles.
They then used the stolen login credentials to share spam comments on Facebook posts, directing people to their network of websites that led to a fake Bitcoin trading platform used to scam people out of deposits of at least €250.
They were posting links directly to websites in the Bitcoin scheme, alongside many fake news websites and similar spam content to bypass and confuse Facebook’s fraud and bot detection tools.
However, the fake news websites created by the fraudsters eventually directed people to their Bitcoin websites. Occasionally, cybercriminals would also share links to legitimate news websites like the Washington Post for the same purpose.
vpnMentor says the operation was wide-ranging, and spanned the entire globe.
Researchers discovered the database on September 21 and contacted Facebook to notify the company of the fraud on its platform. While they were investigating further, the database was attacked and all the information wiped out. The database went offline the same day and was no longer accessible, the cybersecurity firm said.
“We believe the fraudsters did this following the Meow attack, but can’t confirm,” vpnMentor said in a report.
The team discovered hundreds of website domains in multiple international languages to lure users from different nationalities into the bitcoin scam.
Researchers advised Facebook users who think they have been victims of this fraud to change their login credentials immediately.
Additionally, they can change the reused Facebook password on any other accounts to protect them from hacking. They also asked users to never provide usernames and passwords for Facebook, email, or financial accounts to external websites.