Facebook Phishing Campaign Attempts to Steal User Credentials

A Facebook phishing scam is proliferating across the globe, attempting to trick users of the social media platform into divulging their Facebook account credentials. Researchers at F-Secure first detected messages targeting Swedish users on October 15 and, a few days later, observed the active targeting of Finnish and German users. The malicious actors behind the campaign use compromised Facebook accounts that lack two-factor authentication (2FA) protection to post shortened URLs on Facebook pages and send direct messages to other users via Facebook Messenger. The shortened URLs masquerade as links to YouTube videos; however, when clicked, they redirect users to a fraudulent Facebook login page designed to collect the login credentials for additional accounts.

The NJCCIC recommends that Facebook users review the F-Secure report, educate themselves on similar tactics, and avoid clicking on links in unexpected messages until their legitimacy has been verified by the message sender. In addition, users should remain cautious of shortened and obfuscated links, as they can be used to effectively mask malicious sites, and ensure that 2FA is enabled for all accounts that offer it to prevent unauthorized access resulting from compromised credentials. Users who have entered their credentials into the phishing page are advised to change their passwords and enable 2FA immediately.
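The pattern described above (a shortened link presented as a YouTube video that lands on a Facebook-branded login page hosted elsewhere) can be checked against a recorded redirect chain, for example one taken from proxy or sandbox logs. The following is an added example, not code from F-Secure or the NJCCIC; the shortener list, brand domain lists, function names and sample chains are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Assumed lists for this sketch; extend them for your environment.
SHORTENERS = {"bit.ly", "tinyurl.com", "t.co", "goo.gl"}
BRAND_DOMAINS = {
    "youtube": {"youtube.com", "youtu.be"},
    "facebook": {"facebook.com", "fb.com", "messenger.com"},
}

def host_of(url):
    """Lower-cased hostname without a trailing dot ('' if absent)."""
    return (urlsplit(url).hostname or "").rstrip(".").lower()

def in_domains(host, domains):
    """True if host equals, or is a subdomain of, one of the domains."""
    return any(host == d or host.endswith("." + d) for d in domains)

def assess_chain(claimed_brand, chain):
    """Findings for a recorded redirect chain; chain[0] is the link as posted."""
    findings = []
    first, last = host_of(chain[0]), host_of(chain[-1])
    if in_domains(first, SHORTENERS):
        findings.append("shortened-link")
    # The landing host is not on the site the message claimed to link to.
    if not in_domains(last, BRAND_DOMAINS[claimed_brand]):
        findings.append("destination-mismatch")
    # The landing host names a brand without belonging to that brand's domains.
    for brand, domains in BRAND_DOMAINS.items():
        if brand in last and not in_domains(last, domains):
            findings.append("lookalike-" + brand)
    return findings

# Constructed sample chains (example.test hosts are placeholders, not IoCs).
PHISH_CHAIN = [
    "https://bit.ly/xxxxxxx",
    "http://redirector.example.test/r?id=1",
    "http://facebook-login.example.test/login.php",
]
BENIGN_CHAIN = [
    "https://youtu.be/xxxxxxxxxxx",
    "https://www.youtube.com/watch?v=xxxxxxxxxxx",
]

if __name__ == "__main__":
    print(assess_chain("youtube", PHISH_CHAIN))
    print(assess_chain("youtube", BENIGN_CHAIN))
```

The suffix match is a simplification: it does not consult the Public Suffix List, so hosted-subdomain platforms need their own handling.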