URGENT : Facebook Messenger Users Reportedly Being Attacked!! ---->Secret Way to be safe
If you are a Facebook Messenger user, this is important. Lately, we have heard a bunch of attacks by cyber criminals, where personal accounts, social media accounts, and even entire systems have been compromised. And it seems that the next on target are the users on Facebook Messenger. Reportedly, cyber criminals are using Facebook Messenger to spread adware, duping victims by redirecting them to fake versions of popular websites that are tailored to their browser.
On receiving a suspicious message by his own contact on the Messenger, a security researcher spotted the attack. “This malware was spreading via Facebook Messenger, serving multi platform malware/adware, using tons of domains to prevent tracking, and earning clicks. The code is advanced and obfuscated,” said David Jacoby, security researcher at Kaspersky Lab.
These cyber criminals are spreading malicious links via the Messenger, and the accounts that are being used to spread the malware have mostly a result of stolen credentials, hijacked browsers, or clickjacking. And the attack is spreading fast because these malicious messages are being sent from hacked accounts of people on your list of contacts.
How this attack essentially works is, a user gets a message from a person on their own Messenger contact list. The content is mostly in the form of links to videos, memes, and other content. You naturally trust the message, considering it’s from a friend (when it’s actually not), and you open it. And to make it more believable, the message along with these links always comprise of the victim’s name followed by the word ‘Video’, and a shocked emoji face with a shortened URL. For instance, in the documented case, the message said ‘David Video’. The link leads to a Google Doc, which blurs a photo taken from the victim’s Facebook page and makes it look like a playable movie.
Naturally, out of curiosity, one tends to click on the video to find out what’s in it, and that’s when the malware sends the victim to one of the many websites, depending on their browser, operating system, location, and other factors. This site will then attempt to encourage the target to install adware. For example, a Google Chrome user is sent to a website designed to look like YouTube, complete with the official logo and branding. The website shows the visitor a fake error message designed to trick them into downloading a malicious Chrome extension. Firefox users are sent to a fake Flash Update notice, which attempts to run a Windows executable to deliver the adware, and a Safari user gets a page customised for MacOS, which offers the download of a .dmg file, which is also adware.
“These adware programs track browser activity using cookies and display targeted adverts across the web, which in some cases socially engineer the victim into clicking on them. Each click on one of these adverts will generate revenue for those behind the scheme.”
Up until now, there is not much known about who is behind these attacks, but one thing is for sure, that with a monthly user base of 1.2 billion people, there are too many people on the radar of these cyber criminals. BGR India tried to contact Facebook with regards to the same, but are still awaiting a response.
As for you how to save yourself from it at this point, would be a simple advice of being wary of shortened links with such sensationalized captions. Crosscheck with your friend from whom you received the message before you open the link.
Congratulations @loku! You have completed some achievement on Steemit and have been rewarded with new badge(s) :
Click on any badge to view your own Board of Honor on SteemitBoard.
For more information about SteemitBoard, click here
If you no longer want to receive notifications, reply to this comment with the word
STOPToo usefull