Another day, another malicious chatbot! Now, a new phishing attack is using Facebook Messenger chatbots to steal access to Facebook pages. Yep, you read that right! Attackers are impersonating Meta’s support team to steal credentials that are used to run Facebook pages.
Think of the Amazon chatbot every time your order gets delayed. Only, on the other side, it’s a bunch of hackers trying to get access to your account. Doesn’t sound too nice, right?
On Facebook, chatbot programmes are impersonating live support people. These chatbots are usually used for simpler problems and questions before an actual human being handles them.
Trustwave has discovered a new campaign in which chatbots are being used to steal the credentials of people who manage Facebook pages, which are commonly used to provide support or for self-promotion.
How does the campaign go?
As is true for all hacking campaigns, this one too is designed to seem legit. Group admins get an email informing them that their Facebook page has violated Community Standards. It then gives them 48 hours to appeal the decision, or to accept the deletion of their page on Facebook.
Once users click on the “Appeal” button, they’re directed to a Messenger chatbot, and then to a web page that asks for details including name and phone number. Click submit and it’ll ask for your password… and just like that… you’ve been phished!
These hackers have gone the extra mile to look legit. Once they’ve received all the details, users are sent to an actual Facebook page to give their actions a sense of legitimacy.
If you ever want to check whether these emails are legit, simply check the sender’s email address (more often than not, it is a dead giveaway) and never click on any links in suspicious emails. For instance, the page associated with the chatbot had a suspicious name and 0 followers, yet it carried the “very responsive to messages” tag, all of which adds up to a giant red flag.
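The sender check described above can be automated for a shared mailbox. The sketch below is an added example, not code from Trustwave or the original article: it flags mail that claims to be from Facebook or Meta but comes from a domain outside an allow-list, and also looks for the deadline-plus-appeal pattern of this lure. The allow-list, signal names and both sample messages are assumptions constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Assumption: sender domains you accept as genuine Meta mail (edit to taste).
TRUSTED_SENDER_DOMAINS = {"facebookmail.com", "facebook.com", "meta.com"}
BRAND = re.compile(r"\b(facebook|meta)\b", re.I)
DEADLINE = re.compile(r"\b\d+\s*hours?\b", re.I)
POLICY = re.compile(r"community standards|deletion|deleted", re.I)
APPEAL = re.compile(r"\bappeal\b", re.I)
URL = re.compile(r"https?://[^\s\"'<>]+", re.I)

# Constructed samples, not real captured mail.
SAMPLE_LURE = "\n".join([
    'From: "Facebook Support Team" <notice@page-review.example>',
    "Subject: Your page has violated Community Standards",
    "",
    "Your page is scheduled for deletion. You have 48 hours to appeal.",
    "Appeal: https://chat.example/appeal",
])
SAMPLE_BENIGN = "\n".join([
    'From: "Facebook" <notification@facebookmail.com>',
    "Subject: New message on your page",
    "",
    "Someone sent your page a message.",
])


def is_trusted(domain):
    """True for an allow-listed domain or one of its subdomains."""
    return any(domain == d or domain.endswith("." + d) for d in TRUSTED_SENDER_DOMAINS)


def triage(raw_email):
    """Return lure signals found in a single-part plain-text message."""
    msg = message_from_string(raw_email)
    name, addr = parseaddr(msg.get("From", ""))
    domain = addr.rpartition("@")[2].lower()
    body = "" if msg.is_multipart() else msg.get_payload()
    text = f"{msg.get('Subject', '')}\n{body}"
    signals = []
    if BRAND.search(f"{name} {text}") and not is_trusted(domain):
        signals.append("brand_claim_from_untrusted_domain")
    if DEADLINE.search(text) and POLICY.search(text):
        signals.append("deadline_plus_policy_threat")
    if APPEAL.search(text) and URL.search(text):
        signals.append("appeal_call_to_action_with_link")
    return signals
```

A From header can be forged, so treat a trusted-domain result as inconclusive unless the message also passes SPF, DKIM and DMARC checks.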
Source: indiatimes.com