The success of a phishing attack is essentially a function of just how authentic it looks. Security researchers at Barracuda have encountered a new phishing attack that targets Facebook business pages by posing as a Facebook compliance message that appears on the notifications panel.
A blog post from Barracuda explains:
The message appears to be a Facebook compliance message, because it uses the Facebook logo and name. It also appears to be a direct message due to the use of “Dear Customer” in the greeting. However, there are a few things that should stand out to you as suspicious:
- It uses the ow.ly URL shortener and not a proper Facebook URL.
- It uses threatening language indicating extreme action.
- The message itself is nonsense. It begins by saying that there are irregularities of content and a violation of ToS. Then it requires you to verify your contact information, and thanks you for helping them improve ‘service collaboration.’
- It is a notification and not a message. Facebook notifications indicate shares or mentions by another user. These are not direct messages to a customer, and normally do not include any type of greeting like “Dear Customer.”
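The checklist above can be turned into a simple triage rule for a security team that reviews reported Facebook notifications. The following is an added example, not code from Barracuda or from the original post; the sample notification texts are constructed, the ow.ly indicator comes from the checklist, and the other shortener domains and threat phrases are assumptions chosen for illustration.

```python
import re
from urllib.parse import urlparse

# ow.ly is the shortener named in the checklist; the rest are common shorteners (assumption).
URL_SHORTENERS = {"ow.ly", "bit.ly", "tinyurl.com", "t.co"}
# Wording that signals "extreme action" (assumed phrases, extend to taste).
THREAT_PHRASES = ("permanently", "disabled", "suspended", "within 24 hours", "immediately")
# Direct-message style greetings that a real Facebook notification would not carry.
GENERIC_GREETINGS = ("dear customer", "dear user", "dear member")

URL_RE = re.compile(r"https?://[^\s<>]+")


def facebook_hosted(host):
    """True only for facebook.com itself or one of its subdomains."""
    return host == "facebook.com" or host.endswith(".facebook.com")


def suspicious_indicators(text, is_notification=True):
    """Return the checklist items that a notification text trips (empty list = nothing found)."""
    findings = []
    lowered = text.lower()
    for url in URL_RE.findall(text):
        host = (urlparse(url).hostname or "").lower()
        if host in URL_SHORTENERS:
            findings.append(f"shortener link ({host}) instead of a facebook.com URL")
        elif not facebook_hosted(host):
            findings.append(f"link to non-Facebook host ({host})")
    if any(phrase in lowered for phrase in THREAT_PHRASES):
        findings.append("threatening language demanding urgent action")
    if is_notification and any(greeting in lowered for greeting in GENERIC_GREETINGS):
        findings.append("direct-message style greeting in a notification")
    return findings


# Constructed samples: one modelled on the described lure, one ordinary mention notification.
SAMPLE_PHISH = (
    "Dear Customer, irregularities of content and a violation of our Terms of Service were "
    "detected on your page. It will be permanently disabled unless you verify your contact "
    "information within 24 hours at http://ow.ly/EXAMPLE-PLACEHOLDER"
)
SAMPLE_LEGIT = "Jane Doe mentioned you in a comment: https://www.facebook.com/notifications"

if __name__ == "__main__":
    for label, sample in (("phish", SAMPLE_PHISH), ("legit", SAMPLE_LEGIT)):
        print(label, suspicious_indicators(sample) or ["no indicators"])
```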
The purpose of the phishing scam is to steal Facebook credentials by duping users into "verifying" their Facebook credentials on the fake site. If the phishing scam is successful, the attacker will then be able to hijack the Facebook page and use it as a platform for launching additional attacks against a broader audience of Facebook users, with those attacks appearing to come from the business itself.
Barracuda explains, “The attacker may also use these credentials to gather information about the business page administrators. These administrators are often managers in the business, and this information can then be used in spear-phishing attacks.”
If you receive a suspicious message or notification on Facebook, check it against the indicators outlined above from the Barracuda post to avoid becoming a victim. You should also report the activity to Facebook. Barracuda offers security solutions that can protect you from this type of phishing attack.