![]() ![]() Here, another piece of evidence points to how this interaction is fake. Spammers take advantage of this availability and in this case, they built a website disguised as a Facebook “Support Inbox” where the user can purportedly appeal the supposed deletion of their page. With the rise of app and web building tools, it is easy for anyone to create and publish webpages. Firebase is an application development software that provides developers with a variety of tools to help build, improve, and grow the app. The handle was designed to make the shortened URL appear as if it was an actual link to a violation case.Ĭlicking the “Appeal Now” button in the chat opens a new tab to a website hosted in Google Firebase. The account handle “case932571902” also does not pertain to the official Facebook support channel. It even sported a Messenger logo as its profile picture to appear legitimate. Even though this page may seem unused, it had a “Very Responsive” badge which Facebook defines as having a response rate of 90% and responds within 15 minutes. The profile used is just a normal business/fan page with zero followers and no posts. However, closer inspection of the profile owning the page will reveal that this is not an actual support page. The persona that the user is chatting with is supposedly someone from the Facebook support team. The chatbot will then respond with a message similar to that contained in the email shown earlier. Once that is done, the user can view the conversation window and press the default “Get Started” button. If not, it prompts the user to log in to Facebook. The user must be logged into the platform to engage with the chatbot. In our email sample, the embedded link redirects to a Messenger conversation with a chatbot.įigure 4 Chat message with alleged Facebook Support Meta, formerly known as Facebook, Inc., has its own URL shortener which uses m.me domain that redirects the user to a personal account page, or conversation in Messenger. There is a shortened URL embedded in the “Appeal Now” button which contains a supposed case number in its path. It is also evident in the email’s Received headers and sender IP address that it was not sent by the social media platform but a tool designed for marketing and Customer Relation Management. The sender domain does not belong to Facebook. The sender is named as “Policy Issues”, a tricky way to lure and cause panic to the recipient. On closer inspection, several additional red flags are seen in the email header. Such mistakes are almost always indicators that a message may not be legitimate. Some errors are present in the message such as the improper capitalization of the word “Page”, and the missing dot at the end of the third sentence. A 48-hour ultimatum was given, invoking a sense of urgency to the recipient. The sender, who appears to be from Facebook’s support team, is giving the user a chance to appeal this termination. This claim can resonate with Facebook users as most people have heard that the social media site is clamping down on users who violate the rules. This malicious email claims that the user’s page is about to be terminated due to a violation of Facebook’s community standards. This time, our team came across a phishing email that makes use of Meta’s Messenger chatbot feature. ![]() In this case, the threat actors are attempting to steal Facebook login credentials.įrom phishing and scam attempts, to bogus job offers, fraudsters are always coming up with new techniques to steal credentials or money. With millions of active users, scammers and threat actors have easy access to numerous potential victims. The application’s popularity makes it an attractive target for cybercriminals. This was shown in an earlier Trustwave SpiderLabs blog that detailed how chatbots are used in email phishing attacks. Within the current digital landscape, chatbots are widely used by companies and individuals to connect with their customers online, and almost immediately pops up when chatting with brands or businesses. One important feature of this platform is Messenger’s bot. Facebook Messenger is one of the most popular messaging platforms in the world, amassing 988 million monthly active users as of January 2022, according to Statista.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |