New Facebook Video Phishing Scam Uncovered

It is almost every day that a Facebook video phishing scam is discovered, and yesterday was no exception. Scammers are increasingly looking to take advantage of Facebook’s drive to compete with YouTube as the go to place for watching video content.

Latest Facebook video phishing scam offers Facebook video application for free

The social media website is now actively encouraging users to upload videos to the site; videos are now playing automatically in live feeds when the mouse arrow is hovered over a post, and scammers are taking advantage by offering users an easy way to upload and view videos via mobile devices. The Facebook video phishing scam is likely to catch out many users of the site.

Video posts are now common on the social media platform due to the ease at which users can take videos using their mobile phones. Those users naturally want an effortless way of sharing their video content with friends and family. What better way of doing this than with a Facebook video app? Simply download the app and you can share your self-generated video content with a tap of the screen!

Unfortunately for the user, the app being offered is fake. It will make sharing information effortless, but not the information that the user will want to be shared. Any Facebook user that falls for the scam will instantly share their login credentials and friends list with a cybercriminal.

Facebook video phishing scam displayed via a popup browser window

The new Facebook video phishing scam is being advertised via a popup window that appears virtually identical to the genuine Facebook website. The Facebook search bar appears as normal, along with the icons at the top of the page that every user will be very familiar with. A casual glance at the URL is likely to arouse little suspicion as the site address starts with “Facebook”.

Closer inspection will show that this is not a genuine Facebook page. The popup window has been seen on two variants of the real domain name: Facebooksk.info & Facebookstls.com. This is a sure sign that this is a Facebook video phishing scam and that the free Facebook video app being offered is not genuine.

These popups appear when the user clicks on an advert offering a free Facebook video application that users can download to their device. The adverts can also pop up on the screen while browsing websites that have been infected with adware.

The fake Facebook video app has so far only been seen in Spanish; although English-speaking users should also be wary. An English language version is sure to be released soon.

Before being allowed to download the free Facebook video application, users must first confirm they are over 18 years old. Age verification is required before the user will be permitted to download the app. In order to do this, the user will have to enter their username and password. The login box has been created to closely mimic one used by the genuine Facebook site.

When the user enters their information and clicks on the login box, a PHP script will run that sends the data to the hacker behind the Facebook video phishing scam.

Once login credentials have been provided, the hacker will be able to login to the victim’s account, and access that user´s friend list. Phishing links will then be sent out to all of the users friends. The contents of the account, including all of the security settings, can also be accessed.

This Facebook video phishing scam is one of many now doing the rounds on the social media platform. All site users must exercise caution before logging in or divulging any sensitive information via the social media platform. Not all Facebook scams are this obviously fake and easily identified. Scammers are devising ever more sophisticated ways to get users to compromise their own accounts.

Twitter Facebook LinkedIn Reddit Copy link Link copied to clipboard
Photo of author

Posted by

Elizabeth Hernandez

Elizabeth Hernandez is a news writer on Defensorum. Elizabeth is an experienced journalist who has worked on many publications for several years. Elizabeth writers about compliance and the related areas of IT security breaches. Elizabeth's has focus on data privacy and secure handling of personal information. Elizabeth has a postgraduate degree in journalism. Elizabeth Hernandez is the editor of HIPAAZone. https://twitter.com/ElizabethHzone
Twitter