Nowadays, we hear a lot about campaigns that steal sensitive account data. The latest case we have heard about on the Windows operating system is certainly revolutionary. The attackers wanted to steal the professional accounts of certain Facebook users via a PHP document that sneaked into the browser’s internal data.
This new form of phishing was carried out for the first time this year and became known last July, and it has been directly linked to a group of hackers from Vietnam. They used an intense social engineering campaign to launch their attacks via LinkedIn on highly targeted individuals who may have access to large Facebook Business accounts. Thus, it’s important to be well informed and to know some cybersecurity tips.
What is phishing?
Phishing is the illegal act of tricking someone into providing confidential personal information such as payment methods or passwords. As with fishing, there are many ways to trap a particular victim. One phishing tactic, however, is the most popular. The victim gets an email or SMS that mimics a trusted person or organization, such as a co-worker, bank, or government office. Once the victim opens the SMS or email, they find a message designed to scare them, with the intention of undermining their judgment by instilling fear. The message asks the victim to go to a website and act immediately or face the consequences.
If a user clicks on the link, they are sent to a website that imitates the legitimate one. There, they are asked to enter their credentials and personal information. If you are trusting enough and do so, the login information goes to the hacker, who sells your personal information on the black market.
Facebook Business accounts targeted via LinkedIn
The malware attack that was executed via LinkedIn is related to .NET Core malware that disguises itself as a document in PDF format. The document supposedly contains information that is vital for developing a new marketing project. For users who work as a social media manager in a big company, this can look like an interesting piece of information.
The main target of the attack is Facebook Business accounts, which have a huge range of members to whom other fake links can be distributed. The malware works by extracting a PHP script into the %LocalAppData%\Packages\PXT folder and launching it from there.
Once it is running in the background (so the user is unaware of its existence), it starts to access the sensitive data in the web browser itself or the cookies. This information is then collected on a JSON website, even though it was already being sent out via Telegram.
As mentioned above, recent attacks have mostly affected marketing teams that have access to large Facebook accounts. Nevertheless, it has also been detected that, in addition to the PDF marketing document, embedded subtitles and even pirated game files have been used as bait.
As always with these incidents, you should use common sense and avoid downloading unknown files, even if they arrive via LinkedIn. Today, any platform can be used to send any kind of phishing, especially business tools that give people easy access to popular channels.
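A hunting check for the folder described above, as an added example that is not part of the original article: it scans process-creation records for anything running from, or referencing, %LocalAppData%\Packages\PXT. The Sysmon-style field names and the sample events are assumptions constructed for illustration.

```python
import re

# Folder named in the article, in expanded and unexpanded (%LocalAppData%) form.
# The lookahead stops look-alike names such as ...\Packages\PXTools from matching.
IOC = re.compile(
    r'(?:%localappdata%|\\appdata\\local)\\packages\\pxt(?=\\|"|\s|$)',
    re.IGNORECASE,
)

def references_ioc(text):
    """True if text mentions the PXT folder itself or anything below it."""
    return bool(IOC.search(text.replace("/", "\\")))

def hunt(events):
    """Return one hit per process-creation event that touches the PXT folder."""
    hits = []
    for ev in events:
        fields = {
            "image": ev.get("Image", ""),
            "command line": ev.get("CommandLine", ""),
            "working directory": ev.get("CurrentDirectory", ""),
        }
        matched = [name for name, value in fields.items() if references_ioc(value)]
        if matched:
            hits.append({"host": ev.get("Computer"), "user": ev.get("User"),
                         "image": ev.get("Image"), "matched": matched})
    return hits

# Constructed sample events (hosts, users and file names are invented).
SAMPLE_EVENTS = [
    {"Computer": "WS-014", "User": "CORP\\mkt01",
     "Image": r"C:\Users\mkt01\AppData\Local\Packages\PXT\php.exe",
     "CommandLine": r'"C:\Users\mkt01\AppData\Local\Packages\PXT\php.exe" script.php',
     "CurrentDirectory": r"C:\Users\mkt01\Downloads"},
    {"Computer": "WS-022", "User": "CORP\\mkt07",
     "Image": r"C:\Windows\System32\cmd.exe",
     "CommandLine": "cmd /c start %LocalAppData%/Packages/PXT/run.bat",
     "CurrentDirectory": r"C:\Users\mkt07"},
    {"Computer": "WS-014", "User": "CORP\\mkt01",  # benign look-alike folder
     "Image": r"C:\Users\mkt01\AppData\Local\Packages\PXTools\app.exe",
     "CommandLine": "app.exe", "CurrentDirectory": r"C:\Users\mkt01"},
]

if __name__ == "__main__":
    for hit in hunt(SAMPLE_EVENTS):
        print(hit)
```

A hit on the command line alone, as in the second sample event, means the folder was referenced by another process, so review the parent process as well.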
How to protect yourself from phishing?
Most browsers have tools to test whether a link is safe, but the best line of security against phishing is your sense of judgment. Learn to recognize the phishing signs and always try to practice safe computing whenever you are checking your emails or enjoying your favorite online game.
Follow these points to avoid getting caught:
● Do not click on an email from an unfamiliar sender.
● Do not click on a link in an email unless you know exactly where it leads.