Researchers at Trustwave have shed light on a recently discovered phishing campaign revolving around Facebook Messenger bots.
If you don't spend much time on social media, chatbots are programs designed to impersonate live people and are usually relegated the task of answering simple questions as a form of triage customer support.
If the bot can't answer the question, then a handoff escalation is made to a human customer support person.
That's how it's supposed to work, anyway. This newly discovered campaign abuses chatbots.
Here's how they're structuring the campaign:
The first step is to send an email out to an individual concerning their Facebook page, generally claiming that the page has violated some portion of Facebook's Community Standards and giving the email recipient 48 hours to appeal the decision or risk their page being deleted.
Naturally, this is mortifying to most people, who will rush to resolve the issue.
That's exactly what the phishers are counting on. By "helpfully" providing a link or button embedded in the email which connects them to a chatbot, but one that the scammers control.
By all appearances, the email recipient is connected to a member of Facebook's customer support team. It is in fact a chatbot controlled by the scammers.
The fake customer support person will basically regurgitate the information contained in the email and then will send the victim a message containing an "Appeal Now" button.
Clicking this button takes the victim to a website disguised as the "Facebook Support Inbox." At this point, only an observant potential victim will see through the ruse as the inbox domain is in no way associated with Facebook. Others may easily miss it.
If the victim doesn't see through the ruse, he or she will be asked to input a variety of information on a form. When this form is submitted, a pop-up box appears asking the user to re-enter their Facebook password, and that's the hook.
Everything up to this point has been bait designed to get the potential victim to give up their password.
Even if you're not personally on Facebook, make sure everyone you know who is knows about this scam. If we can help even one person avoid being taken in, that's a victory.
If this tip helps and you would like to donate click on the button. Thanks In Advance
________________________________________________________________________________________________________
"Fortune Favors Who Value Time over Money!"
"TeQ I.Q. was the 1st IT Company to Deliver Cloud Solutions since 2003"
Tech issues taking up your Time?
"TeQ I.Q. Makes Your Technology Simple and Easy"
Do you have Tech Frustrations like your Computer, Internet, Phone, Cellphone, Camera, TV, Car?
"We Take Away Your Tech Frustrations and Give You the Free Time You Deserve!"
Call Robert to ask all your Technology questions.
We are giving a Free in Person TeQ Seminar at our office in La Mesa every Wednesday from 12pm-1pm and a Free TeQ Support Q&A from 1pm-2pm. Go to https://www.teqiq.com/events for our upcoming Events and https://www.teqiq.com/seminars for info on each Seminar.
For Free Consultation Call Now Robert Black at (619) 255-4180 or visit our website https://www.teqiq.com/
Chase Bank and Others Trust TeQ I.Q. with their IT and TeQnology so can you!
