Attackers are capitalising on the power of the Facebook brand by sending emails that appear to be from Facebook Ads Manager. The plan is to trick victims into providing their credentials and credit card information on a Facebook lead generation form.
According to a report published on Tuesday by Avanan’s security research team, attackers are sending phishing messages that seem to be urgent warnings from Meta’s “Facebook AdManager” team. The messages claim that the victim is not following the company’s ad policies and that the ad account will be terminated if the target does not appeal to the fictional violation.
The “appeal form” link takes visitors to a credential-harvesting site that collects passwords and credit card information using a real Facebook lead-generation form.
An intriguing aspect of the campaign is that, rather than using a harvesting site hosted on a suspect IP somewhere, attackers are exploiting the Facebook ads system to create malicious lead-generation forms. This method kills two birds with one stone: For starters, it deceives many automated checks for malicious links used by email platforms. The Avanan team refers to using legitimate sites as the Static Expressway.
Jeremy Fuchs, cybersecurity researcher for Avanan explained in the report,
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: