In 2023, a surge of Facebook-inspired attacks preyed on users through the site’s Ad Manager service. Spoofed Facebook accounts continue to unleash assaults in the New Year. Avanan researchers have unveiled a new tactic: hackers exploiting Facebook copyright infringement notices to pilfer credentials.
Avanan, a part of the Check Point Company, is a provider of cloud email and collaboration suites as protection from cyber attacks that evade default and advanced security tools.
The attack involves sending fabricated copyright infringement notices via email, aiming to harvest credentials through social engineering and impersonation. The urgent appeal requirement within 24 hours directs users to a credential-harvesting page, not a legitimate Meta website.
These phishing emails capitalize on urgency and believability. They mention the page’s name and employ a seemingly authentic link. The threat of a 24-hour account suspension plays on the vital role of Facebook in business activities, making the appeal seem reasonable.
To counter these threats, users should always scrutinize URLs before clicking and verify sender addresses. Additionally, direct login to the Facebook account to check its status is recommended, rather than clicking on links in such emails.
As these attacks persist, vigilance is crucial. Staying alert and following best practices can fortify defenses against these deceptive tactics.
For more information about this issue, follow the link: https://www.avanan.com/blog/facebook-termination-notices-leads-to-phishing
Source: Cybernews and Avanan
