There's a new phishing scam that is targeting Facebook users, and it's scarier than others because it's disguised as a message from a friend. When it first began making the rounds someone fell victim to this sneaky scam every 20 seconds, according to security experts. This rapid expansion rate is why we're so concerned, and want to make sure that you know what to look for.
New phishing scams pop up all the time. That's why it's so difficult to tell which messages are real and which ones are fake. Luckily, in most cases, scammers unintentionally leave little clues that are major red flags and should tip you off. This particular scam has its own set of signs.
First, some background:
Starting in late June, thousands of Facebook users received a message from a friend letting them know they were mentioned in a post. In reality this message was sent by scammers and was the start of a two-stage attack.
A Trojan would be downloaded onto the user's device in the first stage. This particular Trojan installed a malicious Google Chrome browser extension onto the victim's computer.
The browser extension made the second stage of the attack possible. Once the victim logged back into Facebook through the compromised browser, the scammer could take over the account. Hackers could then steal data, make changes to privacy settings and continue spreading the scam by sending messages to the victim's Facebook friends.
Around 10,000 Facebook accounts were affected by this round of phishing. Most of the victims were in South America. Some users in Europe, Israel and Tunisia were also hit.