Unfortunately, we have seen a lot of scams going around recently, with many different types of malware popping up in all sorts of different places. More than ever, you need to be vigilant when going about your daily business online. This point is only reinforced further by today’s news as researchers have discovered Facebook Messenger chatbots that are running phishing scams. Let’s dig a little deeper into this story.
Threat detection and response specialists Trustwave have released a report into what it calls Interactive Phishing. This type of threat sees malicious actors using Facebook Messenger chatbots to steal victims’ credentials and gain access to their accounts. They specifically target managers of Facebook Pages so that they can take control of them and spam users.
Interestingly, these scams begin via email. Potential victims receive emails saying that their page has breached Facebook’s Community Standards and has been scheduled for deletion. The email includes an Appeal button, which leads to a link that has been shortened using Meta’s own link shortener. Clicking this link launches Facebook Messenger and a conversation with a chatbot called Page Support.
All is not right with this page, however, and this is where your own vigilance comes into play. Trustwave says this about the page that is supposedly an official Facebook support page:
“… closer inspection of the profile owning the page will reveal that this is not an actual support page. The profile used is just a normal business/fan page with zero followers and no posts. Even though this page may seem unused, it had a “Very Responsive” badge which Facebook defines as having a response rate of 90% and responds within 15 minutes. It even sported a Messenger logo as its profile picture to appear legitimate.”
Not everybody spots these signs, however, and once victims hit the Appeal Now button in the Messenger chat they are taken through a conversation that ends up with them putting all of the page’s login credentials into an online form. This includes their password. The scam even sends over a prompt to include a code that the user will receive on their mobiles as the scammers try to log into their account from another device. Once this happens, all the details are then put onto a spammer database.
As we’ve already mentioned, it is more important to remain vigilant these days. To prevent yourself from falling victim to phishing attacks like this, download and review our phishing attack detection infographic.
