A MASSIVE scam operation targeting Facebook Messenger users has been identified by cyber experts.
Researchers at security firm Group-IB revealed this week that attackers behind the scheme are hijacking the accounts of their unsuspecting victims.
Facebook Messenger users are being targeted with a large-scale scam campaignCredit: Getty
Users at least 84 countries including Canada, the United States, Singapore and South Africa have been targeted by the campaign.
According to Group-IB, cyber crooks distributed ads promoting a fake updated version of Messenger.
Those who clicked or tapped on the ad were taken to a separate web page where they were asked to enter their login details.
Roughly 1,000 fake Facebook profiles were involved in the scam, according to the Singapore-based outfit.
The hacker group have been behind a string of cyber attacks (stock image)Credit: Getty Images – Getty
“By distributing ads promoting an allegedly updated version of Facebook Messenger, cybercriminals harvested users’ login credentials,” Group-IB wrote in a blog post on Tuesday.
“Upon the discovery of this type of fraud, Group-IB informed the social network, which has nothing to do with the fake posts.”
Researchers at the security firm first stumbled upon the fake update scam in the summer of 2020.
Since then, the number of posts linked to the scam has steadily grown.
In April, the number of Facebook posts inviting users to install “the latest Messenger update” reached 5,700, Group IB said.
To draw users’ attention, fraudsters registered accounts with names mimicking the real app, such as Messanger, Meseenger or Masssengar.
Many used Facebook Messenger’s logo as their profile picture.
A typical fake ad posted by one of these accounts reads: “To update Messenger 2021 and enjoy voice call and video call sign in from here.”
How to keep yourself safe from hackers and scammers
FOLLOW these steps to protect yourself from hackers in the future:
- Make a ‘strong’ password with 8 or more characters and a combination of upper case characters, numbers and symbols
- Don’t do online banking on public WiFi, unless absolutely necessary
- Don’t click on dodgy email links claiming to be from banks
- Use different passwords for different sites
- Never re-use your main email password
- Use anti-virus software
- Don’t accept Facebook friend requests or LinkedIn invitations from people you don’t know
- Think before you put personal info on social media
- Find My iPhone, Android Lost and BlackBerry Protect all allow you to remotely wipe a stolen phone. Set this feature up
- Only shop online on secure sites
- Don’t store your card details on websites
- Password protect your phone and other devices
Facebook employs filters to stop scammers from publishing fake ads on its platforms.
These roadblocks can be easily averted, however, by using shortened links to their fraudulent pages.
To entice users, the fake ads promised access to non-existent features like the ability to view who’s visited your profile and see deleted messages.
Scammers even threatened users with bans from Facebook Messenger if they didn’t sign up on the fake page.
“Users who fell victim to this scheme risk leaking their personal data and have their account hijacked,” Group IB wrote.
“Scammers are likely to use the compromised account to pushing victims to pay a ransom to have access to their account restored, or further scale up the scheme using the Facebook profile to distribute scam ads.”
The security firm urged users to be cautious while following shortened links, and to raise a red flag if it leads to a poll or one-page blog.
They also advised netizens to only enter their login credentials on the official app or website of their favourite social networks.
Best Phone and Gadget tips and hacks
Looking for tips and hacks for your phone? Want to find those secret features within social media apps? We have you covered…
In other news, viral WhatsApp messages offering people free Amazon gifts have been declared a hoax by cyber experts.
Windows 10 users are being warned to update now to fix 56 vulnerabilities that have been spotted in the software.
And, WhatsApp has had to delay its controversial deadline for getting users to accept new terms and conditions.
Have you spotted any online scams recently? Let us know in the comments…
We pay for your stories! Do you have a story for The Sun Online Tech & Science team? Email us at [email protected]