This devious phishing campaign uses Facebook messages to trick its victims

Campaign uses alleged copyright violations to dupe Facebook users

A newly-discovered phishing campaign has been found using fake copyright infringement notices from Facebook to dupe users into giving away their account details.

According to analysts from cybersecurity firm Trustwave, these fake messages claim that the user will have their account deleted in 48 hours unless they fill out an appeal form to protect themselves.

This appeal form then collects key personal data about the user, which can put the unwitting recipient at far greater risk of issues like ID theft.

How exactly does it work?

The phishing attack is delivered via an email to the recipient’s inbox, which contains a link to a real Facebook post.

The user is then redirected to a fake, custom-built Meta-branded customer support site.

This site collects the user’s real name, phone number, and address, which, combined with their IP address and location, are reportedly stored by the hacker and sent to a Telegram account using HTTPS.

Users are then reportedly directed to another fake page, where they are faced with a One Time Password Check, which inevitably fails.

After this, if they choose to click on a pop-up reading “Need another way to Authenticate?”, they are then redirected back to the real Facebook site.

Trustwave advises users to be careful if they received copyright violation notices purporting to be from Facebook.

Facebook remains an extremely popular attack vector for would-be cybercriminals.

In October, cybersecurity researchers uncovered a campaign known as “ducktail”.

Targeting businesses running Facebook advertising campaigns, “ducktail” installs malware on the victim’s machine, which then nabs valuable information such as crypto wallet addresses.

Will McCurdy has been writing about technology for over five years. He has a wide range of specialities including cybersecurity, fintech, cryptocurrencies, blockchain, cloud computing, payments, artificial intelligence, retail technology, and venture capital investment. He has previously written for AltFi, FStech, Retail Systems, and National Technology News and is an experienced podcast and webinar host, as well as an avid long-form feature writer.
