![]() ![]() ![]() It will help you use a different and difficult password for every online account you have. Enable two-factor authentication on your account.The fraudulent activity covered there includes fake emails, and a longer time limit (48 hours to respond, instead of just 12), and its well worth reading. The research covers similar tactics: hijacking business pages to phish. While drafting this blog, we became aware of research already published by Abnormal Security. Whatever they're up to, it won't be anything good. If any stolen accounts have access to business pages, no doubt they'll create more fake recovery pages too. They'll likely be used to compromise more accounts down the line. We can’t say for sure what they’re doing with the stolen accounts, but once they have them, spam and malicious messaging would be the best bet. Note that the page here isn’t even HTTPs. A rather dire warning lies in wait for anyone viewing it: ![]() These pages are also easy to stumble upon while searching for content in Facebook itself - this is how a relative first brought it to my attention. Potential victims are linked to a notification on the compromised account’s page via messaging. Instead of a portal advertising the latest gardening tools or hair fashion, it's now claiming to help you recover lost Facebook pages. The people behind this have made significant alterations to the page description and layout. Let's assume an account responsible for a page has just been compromised. The compromiser is able to set about changing the business page to suit their needs. Should any of those users suffer an account compromise, the business page may become vulnerable as a result. These pages are operated by one or more Admins, using their personal accounts. Transparency report How do scammers go phishing?īusinesses on Facebook have a dedicated page for their organisation, containing information, updates, and posts about the latest happenings. ![]()
0 Comments
Leave a Reply. |