Social media platforms are a prime target for hackers and fraudsters. They hijack accounts to steal data, spread malware and push disinformation.

A hacker who gains access to one of your accounts can reuse the credentials and personal details found there to break into your other accounts. A security researcher recently showed that Facebook accounts could be accessed through the Gmail credentials used to log into them; see our earlier report on that finding.

Facebook Messenger is used by nearly a billion people every month. Of course, this makes it irresistible to cybercriminals. A new phishing attack that steals login credentials is making the rounds on Messenger. Here’s how it works and how to avoid it.

Here’s the backstory

Since so many people use Messenger, many businesses rely on chatbots there to handle customer contact. This is standard practice for large companies. Chatbots act as first-line support and either answer your questions or route you to the appropriate customer support representative. Because a chatbot is a normal thing to encounter on Messenger, one that asks you to act does not by itself look suspicious.

Trustwave discovered a phishing campaign targeting people who run Facebook pages. It starts with an email claiming that your page will be suspended within 48 hours for violating Facebook’s community standards. Since page owners often break these rules without realizing it, the threat seems plausible.

You are told you can appeal the decision by clicking the “Appeal Now” link. This opens a Messenger conversation with a chatbot. If you’re not signed in to Messenger, you’ll be prompted to do so. The Messenger conversation itself is genuine; the chatbot on the other end is not.

Something is wrong with this account

The profile behind the “chatbot” is a typical Facebook page with no followers and no posts (red flags under any circumstances). However, this seemingly inactive page is rated as “Very Responsive”, meaning the manager responds to 90% of messages within 15 minutes.

The page even uses the Messenger logo as its profile picture. A bit on the nose, don’t you think?

The fake chatbot sends another Appeal Now button in the conversation. Clicking it takes you to a site masquerading as a Facebook Support Inbox. Trustwave pointed out one giveaway: the case number displayed on the page did not match the case number in the page’s URL.

Scroll down past the “Open” and “Appeal” buttons, which don’t even function, and you’ll find fields for a name, phone number and email address. Submit that information and a popup asks for your password. If nothing has felt suspicious by now, this should.

All your information is sent to the scammer’s database. But they’re not done with you yet.

A final parting gift

You’ll then be redirected to a fake two-factor authentication page that asks for the six-digit code just sent to your phone by text. It doesn’t matter what you type in: the scammers already have your credentials, and this step exists only to make the process look more legitimate.

The final step in the scheme is to redirect you to the real Facebook Help Center page, so the whole episode ends on a genuine Facebook site. The fake Facebook support page and phishing website have since been taken down. That does not mean this type of fraud cannot be run again with a fresh page and domain.

What to watch out for

There are steps you can take to secure your Facebook account. In fact, these general guidelines work for almost any account you have:

  • Never click on a link or download an attachment from an unsolicited email or message.
  • Set up two-factor authentication (2FA) on all accounts that offer it, including social media and banking sites. With 2FA a stolen password alone is not enough to log in, and you are alerted to login attempts you didn’t make. Keep in mind that, as this scam shows, a phishing page can ask for your 2FA code too, so never enter a code on a page you reached by following a link in a message.
  • Typos, poor grammar and careless errors in a message that claims to come from a large company are red flags. So is a sender page with no posts and no followers.
  • Keep your operating systems, applications and devices updated with the latest official software and patches.
  • Have reliable antivirus software on all your devices and keep it updated.
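Two of the tells in this campaign can be checked mechanically before you type anything: whether a link actually leads to a Facebook-owned domain, and whether the case number shown on a “support” page matches the one in its URL. The Python below is an added example written for this article, not code from Trustwave or Facebook. It assumes a small allowlist of Facebook domains and that a case number is a run of six or more digits; the sample URLs are constructed for illustration.

```python
"""Link checks for the two tells described above: a link whose host is not a
Facebook-owned domain, and a case number that differs between the page and
its URL. Example code; the allowlist, the case-number shape and the sample
URLs below are assumptions made for this illustration."""
import re
from typing import List, Optional, Set
from urllib.parse import urlparse

# Assumed allowlist of domains Facebook actually uses for Messenger and support.
FACEBOOK_DOMAINS = {"facebook.com", "messenger.com", "fb.com"}

# Assumed shape of a support case number: six or more consecutive digits.
CASE_RE = re.compile(r"\b\d{6,}\b")


def is_facebook_host(url: str) -> bool:
    """True only for an https URL whose host is an allowlisted domain or a
    subdomain of one.

    urlparse().hostname strips any 'user@' prefix and the port, so a lure such
    as 'https://facebook.com@evil.example/' resolves to host evil.example, and
    'm.facebook.com.support-appeal.example' fails because the allowlisted name
    is not its last two labels.
    """
    parsed = urlparse(url)
    host = (parsed.hostname or "").lower().rstrip(".")
    if parsed.scheme != "https" or not host:
        return False
    return any(host == d or host.endswith("." + d) for d in FACEBOOK_DOMAINS)


def case_numbers(url: str) -> Set[str]:
    """Collect every case-number-looking token from the URL's path and query."""
    parsed = urlparse(url)
    return set(CASE_RE.findall(parsed.path + "?" + parsed.query))


def case_number_mismatch(displayed: str, url: str) -> bool:
    """True when the URL carries at least one case number and none of them is
    the number displayed on the page."""
    nums = case_numbers(url)
    return bool(nums) and displayed not in nums


def assess_link(url: str, displayed_case: Optional[str] = None) -> List[str]:
    """Return the list of red flags raised for a link (empty list means none)."""
    flags = []
    if not is_facebook_host(url):
        flags.append("host is not a Facebook-owned domain")
    if displayed_case and case_number_mismatch(displayed_case, url):
        flags.append("case number on page differs from the one in the URL")
    return flags


if __name__ == "__main__":
    # Constructed sample links, not real addresses from the campaign.
    samples = [
        ("https://www.facebook.com/help/", None),
        ("https://m.facebook.com.support-appeal.example/appeal", None),
        ("https://facebook.com@evil.example/inbox", None),
        ("https://support-inbox.example/case/?case=5581234", "2048135"),
    ]
    for link, shown in samples:
        print(link, "->", assess_link(link, shown) or ["no flags"])
```

The allowlist comparison is deliberately on the registered domain rather than on a substring: a check like `"facebook.com" in url` would pass every lure in the sample list.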
