New York-based artificial intelligence and network security company PIXM released a report this week with a serious complaint: millions of Facebook users have been tricked for a few months by a single phishing scam, who has stolen account credentials for criminals.
According to the company that specializes in preventing phishing breaches, nearly 2.8 million people fell for the scam in 2021, and at least 8.5 million this year. According to the researchers, the campaign is still active and is linked to a single beneficiary domiciled in a city in Colombia. The hacker even responded to questions asked by the PIXM team.
Fake Facebook login page. (Source: PIXM/Disclosure.)Source: PIXM
How is the scam to steal data on Messenger working?
The gateway to the phishing campaign on Messenger is a fake facebook login page that opens and looks a lot like the official interface of the social network. When the victim enters his identifier and password, and clicks “Log In”, this data is sent directly to the hacker’s server.
At this point, an automated mechanism comes into play, which not only logs in to that account, but also sends the malicious link to all the user’s friends via Messenger. That is, when some of these friends also click on the link, they are also taken to the fake login page, where their friends also receive the link, and the ciranda expands exponentially.
When PIXM researchers contacted the element claiming the phishing campaign, he said he earns $150 for every thousand visits to the US advertising exit page. This means that after deceiving users – and also Facebook security checks – this scammer could have pocketed US$ 59 million (R$ 304 million) to date.