MILLIONS of Facebook users have been duped by a phishing scam that tricks victims into handing over their account details – leaving them wide open to attack.

The scam is still active on the social networking site, according to experts.

Facebook users should be very careful about phishing attacks

1

Facebook users should be very careful about phishing attacksCredit: Meta

According to a report published by researchers at PIXM Security, it works by sending users to a dummy Facebook login page where they are coaxed into entering their personal details.

The researchers said that the Facebook credential-harvesting campaign has been active since September 2021 and on a scale that “has potentially impacted hundreds of millions of users”. 

The company found that one cyber criminal they tracked had managed to use the scam to steal one million credentials in just four months.

Facebook owner Meta is yet to reply to our request for comment regarding the scam.

Why you CAN'T quit Facebook – tricks that keep you addicted to social media
Check your Facebook NOW – three creepy pages prove you're being watched

How to tell if you’ve been duped

Since the scam works by luring users into giving away their Facebook credentials via numerous phishing sites, anyone who has fallen victim to this attack will find themselves redirected to a website with ads and surveys after completing the fake log-in page. 

Your Facebook account would then be used to further spread the campaign, probably via Messenger.

So your contacts will receive messages from you asking them to log in to the same dummy page you were duped by.

How to remain safe

Chartered security professional and security consultant, James Bore, told The Sun that people need to remain more vigilant than ever when using Facebook, especially after the discovery of this phishing campaign.

Most read in Tech

“While these phishing attacks may seem obvious, they can catch out even cautious or experienced users in a moment of inattention,” he warned. “There’s a huge number of these scams out there because they’re highly profitable for the criminals behind them.”

He recommends that the most useful thing to do to stay safe is to develop a habit of pausing and double-checking whenever being asked to do something unusual or new.

Common sense is the best weapon against these sorts of attacks.

Inspect the website you are on to ensure it is legit before handing over any sensitive information. 

However, some of the new methods employed by threat actors are increasingly convincing, meaning even the most experienced users can fall victim to these types of attacks. 

I'm being evicted from my home of 51 years because my dad and brother both died
Teen goes viral with safety tips for women including when not to wear ponytail

If you believe you’ve been hit by this attack, report it to Facebook through the site’s necessary channels and change your account password immediately. Also, be sure to enable two-factor authentication if you haven’t already.

The UK’s National Cyber Security Centre also recommends reporting the hack or any similar through the Action Fraud website, the UK’s national fraud and cybercrime reporting centre.

Best Phone and Gadget tips and hacks

Looking for tips and hacks for your phone? Want to find those secret features within social media apps? We have you covered…


We pay for your stories! Do you have a story for The Sun Online Tech & Science team? Email us at [email protected]


This post first appeared on Thesun.co.uk

Leave a Reply

Your email address will not be published. Required fields are marked *

You May Also Like

The gymnasssts of the animal kingdom! Incredible footage reveals how some snakes perform CARTWHEELS

With their long thin bodies, snakes are known for their silent, slithering…

Microplastics Are Polluting the Ocean at a Shocking Rate

If you throw a polyester sweatshirt in the washing machine, it doesn’t…

Fortnite Season 6 latest – Chapter 2 SLAMMED for ‘ridiculous’ characters and a storyline ‘going nowhere’ after 4 years

FORTNITE Chapter 2 Season 6 went live on Tuesday in a major…

JLab Go Air Review: The Cheap Wireless Earbuds to Beat

Apple’s removal of the headphone jack in its iPhones three years ago…