A fraud campaign masquerading as Facebook Messenger steals the data of users in more than 80 countries

MADRID, April 21 (2021) –

A new large-scale fraud campaign has put the spotlight on the messaging app Facebook Messenger and, posing as an updated version, has managed steal the access data of users from more than 80 countries, including Europeans.

This has been warned by the cybersecurity company Group-IB, who has discovered the fraudulent campaign, who has distributed a network of about 1,000 fake Facebook profiles, as reported by the company in a statement.

The fraud campaign, which was first detected in the summer of 2020, invited via Facebook posts to install supposedly “the latest Messenger update”. The operation has continued in progress since then and in this month of April it had managed to affect 5,700 people.

To make the scam more credible, the fake Facebook accounts replicated the real appearance of Messenger, using their logo and your profile name, although with slight variations, such as ‘Messanger’, ‘Meseenger’ and ‘Masssengar’.

The ‘posts’ of the campaign were accompanied by a link that redirected users to a website – created through blogspot.com, sites.google.com, github.io or godaddysites.com – that impersonated the Facebook Messenger login and that it asked users to enter their login credentials.

To avoid detection, cybercriminals services to shorten url of the links you included in your posts, such as linktr.ee, bit.ly, cutt.us, cutt.ly, and rb.gy.

In addition, in the publications they tried to attract users by promising features that don’t exist in the actual Messenger ‘app’such as discovering which people have viewed the user’s profile, displaying deleted messages, or switching to a supposed Gold version of the ‘app’.

They also threatened to block their account if they did not register on the fake website, an action with which those affected could effectively see their stolen accounts or that the ‘hackers’ demanded a ransom for it.

Group-IB has found that fake Facebook Messenger ads have affected users from 84 countries around the world, including Europeans like France, Germany and Italy.

Add Comment