An intelligence firm has found that a cybercriminal obtained 1 million Facebook account credentials in four months as hundreds of Facebook users fell prey to phishing scams. A fake login portal has been used as a replacement for the Facebook landing page, according to PIXM, an anti-phishing company, and it turns out that the information of those who entered their account information on the page had been stolen.
When PIXM investigated the fake landing page further, it discovered a “reference to the actual server hosting the database server to collect entered users credentials” that was changed from the legitimate URL and led to a series of redirects.
PIXM has also detected a link to a traffic monitoring application within the code, allowing the anti-phishing company to view tracking metrics. As a result, PIXM detected not only traffic information from the cybercriminals page but also a large number of other fake landing pages.
The links were later discovered as coming from Facebook, where the threat actors could gain access to the victim’s account, then send malicious links in bulk to the victim’s group of friends in order to grow more account credentials.
Websites will post and generate fake Facebook landing page URLs using services like glitch.me, Famous.co, amaze.co and funnel-preview.com, thus tricking individuals into entering and stealing their account information.
According to the researchers, the phishing scams were traced back to cybercriminals in Colombia and an email account used in the online attacks.
Phishing is a type of online fraud that targets consumers by sending them an email that appears to be from a known source, such as an Internet service provider, bank, or mortgage company. Requests personally identifiable information from the customer.
According to the researchers, after further analysis, the attacks appeared to be coming from a threat destination in Colombia, along with the perpetrator’s email address.
Read all the latest news and breaking news and watch the best videos and live TV here.