There’s a new attempt at an old phishing attack running on Facebook today. The attack appears to target business pages on Facebook by posing as a Facebook compliance message. Here’s a screenshot of the attack, which we received in our notifications panel on Facebook:

Several details mark this notification as a phishing attempt:
- It uses the ow.ly URL shortener and not a proper Facebook URL.
- It uses threatening language indicating extreme action.
- The message itself is nonsense. It begins by saying that there are irregularities of content and a violation of ToS. Then it requires you to verify your contact information, and thanks you for helping them improve ‘service collaboration.’
- It is a notification and not a message. Facebook notifications indicate shares or mentions by another user. These are not direct messages to a customer, and normally do not include any type of greeting like “Dear Customer.”
This is what you will see if you hover your cursor over the account link:
This attack page was taken offline earlier today, but there may be more versions of this page still functioning.
The attack is structured as follows:
- The attacker identifies the business page.
- The attacker then shares the latest post from the business page.
- The share is prefaced by the message that you see in our screenshot at the top of this post.
- The body of the message includes a shortened link designed to look like a Facebook account verification link.
These indicators should be enough for you to recognize this as a scam and avoid clicking on any links.
If you would like to check the safety of a link such as this, you can follow this process:
- Submit the shortened URL to a URL expander like Check Short URL. This will expand the link to the original URL.
- Submit the original URL to a link checker like the Google Safe Browsing report.
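A local version of the first step, combined with the "not a proper Facebook URL" indicator, as an added example that is not part of the original post. The function names, the domain list, the short code `EXAMPLE` and the `.example` lookalike host are assumptions constructed for illustration.

```python
import http.client
from urllib.parse import urljoin, urlsplit

# Assumption: domains treated as genuine Facebook destinations in this example.
FACEBOOK_DOMAINS = ("facebook.com", "fb.com", "fb.me")
MAX_HOPS = 10

# Constructed sample: a made-up ow.ly code redirecting to a lookalike host.
SAMPLE_REDIRECTS = {
    "http://ow.ly/EXAMPLE": "http://facebook.com.account-verify.example/login",
}

def head_location(url):
    """Send one HEAD request; return the Location header if the reply is a redirect."""
    parts = urlsplit(url)
    https = parts.scheme == "https"
    conn_cls = http.client.HTTPSConnection if https else http.client.HTTPConnection
    conn = conn_cls(parts.hostname, parts.port, timeout=10)
    try:
        conn.request("HEAD", (parts.path or "/") + ("?" + parts.query if parts.query else ""))
        resp = conn.getresponse()
        return resp.getheader("Location") if 300 <= resp.status < 400 else None
    finally:
        conn.close()

def expand(url, next_hop=head_location):
    """Follow redirects one hop at a time; no page body is downloaded or rendered."""
    chain = [url]
    while len(chain) <= MAX_HOPS:
        location = next_hop(chain[-1])
        if not location:
            break
        target = urljoin(chain[-1], location)  # Location may be relative
        if target in chain:  # redirect loop
            break
        chain.append(target)
    return chain

def is_facebook_host(url):
    """True only for an exact Facebook domain or a real subdomain of one."""
    host = (urlsplit(url).hostname or "").rstrip(".")
    return any(host == d or host.endswith("." + d) for d in FACEBOOK_DOMAINS)

def assess(url, next_hop=head_location):
    chain = expand(url, next_hop)
    return {"chain": chain, "final": chain[-1], "facebook": is_facebook_host(chain[-1])}

if __name__ == "__main__":
    # Offline run over the constructed redirect table instead of the network.
    print(assess("http://ow.ly/EXAMPLE", SAMPLE_REDIRECTS.get))
```

With the default `head_location`, every hop in the chain, including the final host, receives a HEAD request from your IP address, so run it from an analysis machine. The expanded URL still goes to a link checker as in the second step.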
Phishing attacks can lead to very serious damage, including identity theft and ransomware attacks. These attacks are increasing, and organizations all over the world are issuing warnings to employees, students, and other potential victims.
If you receive a suspicious message or notification on Facebook, be sure to follow the above steps to avoid becoming a victim. You should also report the activity to Facebook.
Barracuda offers security solutions that can protect you from this type of phishing attack. The Barracuda Web Security Gateway and Barracuda Web Security Service offer multiple levels of protection to defend users against malicious websites. The Barracuda Email Security Service now offers Advanced Threat Detection and Link Protection, to defend users against dangerous links sent through malicious email attachments. Barracuda Essentials for Office 365 also includes this protection.
For more information about Barracuda, visit our corporate website.