
Facebook phishing; “Trusted contacts” allegation

The Digital Security helpline reported phishing attacks on Facebook that led to the compromise of several accounts.

Spear phishing was the most common method used by the cyber criminals to take control of a Facebook account.

Let’s take a closer look at how this happens.

Phishing is a type of cyber-attack in the social engineering category, mainly used to grab login credentials and even credit card details of the target. It occurs when an attacker, disguised as a trusted entity, tricks a victim into opening an infected email, text message or instant message. The target is then made to click on a malicious link, which leads to the installation of malware attached along with the link. Gradually this leads to the freezing of the system and may lead to a ransomware attack revealing every piece of personal information.

How this works

The new mode of attack targets Facebook users and it relies on your lack of knowledge about the “Trusted contacts” feature.

“Trusted contacts” is a helper feature in Facebook that guides you through recovering your account if you have forgotten your password or the account is blocked. When you activate the trusted contacts feature, Facebook allows you to identify three to five people.

To help you regain your account, Facebook will send parts of a code to each of these people, which can be combined to form a single code that allows you to get back your lost account.

Anyone with a Facebook account can fall prey to this attack, but these kinds of attacks are generally reported by human rights defenders and activists from the Middle East and North Africa.

Mode of attack

  • First, the attacker sends you a message in Messenger from an infected account that may belong to one of your Facebook friends.
  • Then the attacker asks for your help to recover his account using the trusted contacts feature. He explains that you are listed in his top 5 friends list and that he needs a code that Facebook has sent to you.
  • The attacker then uses the “Forgot my password” feature on your account and requests the recovery code.
  • Wanting to help, you send him the code that you have just received, thinking it came from the trusted contacts feature of Facebook.
  • Using this code, the attacker gets into your account and steals it from you.

What is the Trusted Contacts feature?

It is an account recovery option in Facebook that helps us to regain a blocked/lost account and even the email accounts and phone numbers linked to it.

How does the Trusted Contacts feature work?

To use this feature you must select three to five Facebook friends. If you have lost access to your account, this feature sends a special code to these five people. You should collect all these codes and combine them; the combined code can then be used to regain your account.

Note: Facebook does not generate codes and send text messages to your friends; instead, your friends need to generate the code for you.

Make your own defence

  • Treat unexpected messages with suspicion: Phishing messages often come from a hacker disguised as your trusted friend. So when you get an odd message from someone, check the authenticity of the message before you respond or open any attachment sent by them.
  • Confirm with your friend: Try to verify your friend’s identity through a normal call or video call.
  • Be aware and cautious, act slowly: Attackers are always around, and they aim to trigger a strong emotional reaction in you, like anger or fear. Do not respond right away. Figure out what is really happening before you take action.
  • Learn how the “Trusted contacts” feature works: Take a moment to understand how this feature really works rather than blindly giving the secret code to some stranger disguised as your friend.
