 |
| Attempts to bypass Facebook's two-factor authentication |
According to Sophos researcher Paul Ducklin, the scammers have developed a new way to bypass 2FA protection on Facebook.
Cyber criminals issue fake copyright warnings and threaten to delete pages unless users try to object.
In the first step of the appeal, the victim was asked to provide a username, password, and two-factor authentication code from their mobile device so that the fraudster could bypass the two-factor authentication (2FA) code.
Two-factor authentication (2FA) is an extra layer of protection. Usually, a unique code has to be sent to a mobile device which must be entered in order to access the platform. However, fraudsters are increasingly looking for ways to get around them.
Doklin explained his findings in a blog post, stating that: The defining feature of the new issue is the use of fraudulent pages created internally by Facebook, which makes phishing emails more legitimate.
He added: This method is not new but it is interesting because the email is short and straightforward and the link in the email goes to the actual Facebook website and how it works on the fraudulent web is reasonable.
These fake emails provide illegal evidence, but enough to convince social media managers to gather more information about alleged copyright infringement complaints, which means you will click on a phishing link. .
The email threatened to delete the victim's page unless an appeal is filed within 24 hours.
The researchers found that the message sent the victim to a domain site in the Central African Republic (CF) hosted on a cloud hosting service that provides them with a certificate (HTTPS) verifying the process from a more difficult discovery.
After accessing the website, the user will need to enter the password twice, access the Facebook app from the mobile device, and then enter the Two-Factor Authentication code found in this section of “Settings and Privacy” in the app.
Once the attacker has access to the victim's data on Facebook, he can sell the information or use it to hijack or delete pages, save the data as ransom, or make fraudulent in-app purchases.
Facebook said, we recommend that you be careful not to click on any suspicious links. If the user gets threatened, he can get help with the security of his Facebook account.
The company added that it recommends the use of external applications for authentication as a primary security method, and that Facebook provided a number of tips to avoid phishing attempts.