Beware of the Latest Facebook Messenger Phishing Scam
So, there’s a new phishing attack making the rounds, and it’s got something of a surprising twist — it’s happening through Facebook Messenger. Yep, you read that right. Scammers are using this popular chat platform to trick people into giving up their account info. This shady operation, known as the “MrTonyScam,” starts with a sneaky message. You get a message that looks innocent enough, but it contains some sketchy attachments, like RAR and ZIP files. If you make the mistake of opening them, things start to go south really fast. First, these attachments unleash a little program that goes to GitHub or GitLab to fetch more bad stuff. This new payload comes with a CMD file, which, in simple terms, hides a Python-based tool designed to steal your cookies and login details from your web browsers.
Now, here’s the twist: After snatching your cookies, the scammers delete them. Basically, they kick you out of your own accounts. Once you’re out, they swoop in, change your passwords using the stolen cookies, and take control of your accounts. The folks behind this scheme have strong ties to Vietnam. You can tell from the Vietnamese language references in their code and the use of Cốc Cốc, a popular browser there. You might think people would be too smart to fall for this, but surprisingly, it’s been pretty successful. Even though it requires some interaction from the victims — like downloading and opening files — about 1 in every 250 people have fallen into this trap in the last month. This isn’t a problem just for one place. It’s hitting all over the map, from the U.S. to Australia, Canada, and more.
Here’s the really scary part. Scammers can make a quick buck by selling the accounts they steal on the dark web. If your Facebook account has a good reputation, a high seller rating, or lots of followers, it’s basically a goldmine for these crooks. So, what’s the takeaway here? Stay sharp and cautious when you get attachments or messages on Facebook Messenger, even if they seem legit. Cybersecurity is something we all need to be thinking about, so keep an eye out and protect yourself out there. Stay safe!