The Scientific and Academic Computer Network (NASK) reported on Wednesday that CERT Polska is analyzing a new version of the phishing campaign. Its aim is to steal Facebook login details. How to avoid fraud?
- Data theft on Facebook
- Personal data obtained during recruitment
- The Internet is full of dangers
- How to protect yourself against cyberattacks?
Data theft is a regularly recurring topic in media communication. This is due to the use of new methods of phishing by cybercriminals.
NASK and CERT Polska inform about the latest forms of attack. This time, the thieves want to obtain Facebook login details. Let’s check how we can avoid online threats.
Data theft on Facebook
The CERT Polska team explained that thieves send messages on Facebook to fan page administrators. They inform that the website does not comply with the platform’s policy. They then threaten to completely delete the profile. However, it is necessary to verify the account to check the validity of the report. This is possible after entering the link sent by fraudsters.
In fact, the address leads to a fake Facebook login panel. Thanks to it, thieves easily gain access to our login data. Accounts compromised in this way can then be used for further fraud.
By impersonating us, a criminal can, for example, contact our loved ones. During such a conversation, he may ask for a small sum of money to be transferred. This may not be very suspicious for the recipient, because the thief, by viewing our conversation histories, will know how we write and to whom we could possibly make such a request.
Personal data obtained during recruitment
The Facebook scenario is just one of the ideas cybercriminals use. CERT also warns against a campaign that uses the motive of recruiting for work on very favorable terms. The victim is contacted by an “HR representative” or “recruiting manager.” It encourages communication via the WhatsApp platform, where it provides links to offers.
In fact, the addresses provided are fake websites that only resemble company portals. Accessing them may result in thieves gaining access to our data, including payment details.
The Internet is full of dangers
The campaigns presented are based on current reports and analysis conducted by CERT Polska. These are only criminal patterns of action and potential ways of dealing with similar situations. The published examples are intended to build awareness among Internet users. However, more and more of this type of dishonest behavior appears.
Recently, LinkedIn users have become the target of an account takeover campaign. Following the attacks, criminals demanded a ransom in exchange for regaining access to the profile. This situation was recorded by the Cyberint research team, whose analysis significantly influenced discussions about attacks on social networking sites.
How to protect yourself against cyberattacks?
NASK and CERT Polska are constantly trying to educate users of the global network. They provide guides and inform about the latest threats. All this to reduce the chance of a successful attack by cybercriminals. Current attack warnings can be found on the CERT Polska website. Verification of the reliability of news is available on the NASK account.
We can also help you use the Internet safely. One of the latest activities of CERT and NASK is the launch of the websitebezpieczewybory.pl. They are intended to help sift through false information related to the upcoming parliamentary elections.
NASK’s cooperation with Google, Meta and TikTok is intended to reduce cyberattacks and disinformation in connection with hybrid warfare. Reliable information about the elections is available on the website. You can also report incidents related to fake news there.