Eskenzi PR ad banner Eskenzi PR ad banner
  • About Us
Sunday, 29 January, 2023
IT Security Guru
Eskenzi PR banner
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

Large Scale Phishing Campaign on Facebook Messenger Generates Millions in Ad Revenue

Facebook and Facebook Messenger phishing campaign has generated millions of dollars for cyber criminals since 2021

by Guru Writer
June 9, 2022
in Cyber Bites
Open laptop and phone using Facebook
Share on FacebookShare on Twitter

A large-scale phishing operation held on Facebook and Messenger to lure millions of users onto phishing pages has been uncovered by researchers. The aim of the operation was to trick victims into entering their credentials and see adverts.

These stolen account details were used to send further phishing messages to victim’s friends. The aim being to generate significant online advertising commission revenue.

The New-York based AI-focused cybersecurity firm, PIXM, said that the campaign, despite being active since September 2021, peaked in April/May 2022.

PIXM traced the threat actor and was able to map the campaign due to one of the identified phishing pages hosting a link to a publicly accessible traffic monitoring app (whos.amung.us).

PIXM said that victims arrived at phishing pages after being redirected from Facebook Messenger. Automated tools helped the threat actors send further phishing links to the compromised account’s friends. This created a massive growth in stolen accounts.

The threat actors used a trick to bypass Facebook’s anti-phishing protection measures. The phishing messages used legitimate URL generation services, such as famous.co, amaze.co, and litch.me. These are used by legitimate apps so would be hard for Facebook to block. In 2021, 2.7 million users had visited one of the phishing portals, researchers found. In 2022, this figure increased to 8.5 million.

The researchers further identified 405 unique usernames used as campaign identifiers, linked to separate Facebook phishing pages. However, the researchers suspect that these usernames only represent a fraction of the accounts used for the campaign.

The threat actors receive referral revenue from redirects after victims enter their credentials on phishing landing pages. The revenue is estimated to be millions of USD.

PIXM was able to find a common code snippet on all of the landing pages it identified. These pages contained a shared reference to a previously seized website that constitutes part of an investigation against a Colombian man identified as Rafael Dorado. It is unknown who placed the notice on the site and seized the domain. PIXM shared the results of its investigation with the Colombian police and Interpol.

The phishing campaign is still ongoing.

FacebookTweetLinkedIn
ShareTweetShare
Previous Post

Unofficial Security Patch Released For Microsoft Zero-Day Vulnerability

Next Post

UK Government Acquires Its First Quantum Computer

Recent News

Data Privacy Day: Securing your data with a password manager

Data Privacy Day: Securing your data with a password manager

January 27, 2023
#MIWIC2022: Carole Embling, Metro Bank

#MIWIC2022: Carole Embling, Metro Bank

January 26, 2023
Lupovis eliminates false positive security alerts for security analysts and MSSPs

Lupovis eliminates false positive security alerts for security analysts and MSSPs

January 26, 2023
Threat actors launch one malicious attack every minute

Threat actors launch one malicious attack every minute

January 25, 2023

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

Privacy settings

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Powered by Cookie Information