Cybercriminals use their social engineering techniques on Messenger chatbot of Facebook to impersonate the support team with the goal of steal user passwords.
This scam starts with a email from phishingwhose concept and message body inform about the need to contact the team prevent your profile from being deletedsince the social network ‘claims to have found’ some content that violates the rules of the virtual community.
Mail also provides a link that redirects to a Messenger conversation with a chat, which offers yet another link as if it were a technical support service. Really, the fraud sends the victim to a form what ‘it takes’ to not lose your account in 48 hours.
The support page makes the aforementioned form available to users, which they must fill in with personal data and password, furthermore by clicking on ‘Send’ they are directed to a double authentication page where a countdown for verification appears.
When the authentication numeric code is entered, the web redirects to a real Facebook help center page containing information on intellectual property and copyright.
So you can detect these phishing attacks
From Panda safety provide the following suggestions:
- Review the wording of the message body in case there are any grammatical or spelling errors.
- Analyze the subject of the email.
- Verify the sender’s domain.
- Check the URL of the webpage and check if the domain matches the original so that the cybercriminals do not access the accounts.