Facebook Messenger has been hit by a large-scale scam campaign that was detected by Group-IB, a global threat hunting, and adversary-centric cyber intelligence company. Group-IB Digital Risk Protection (DRP) analysts have found evidence proving that Messenger users in over 80 countries in Europe, Asia, the MEA region, North and South America might have been affected, the company said in a release.
"By distributing ads promoting an allegedly updated version of Facebook Messenger, cybercriminals harvested users` login credentials," the company said.
The cyber intelligence company has found out that almost 1,000 fake Facebook accounts are distributing links to an allegedly updated version of Facebook Messenger.
And Messenger users who followed the link would then be redirected to a fake Facebook Messenger website with a login form, through which cybercriminals harvested users` credentials.
According to the intelligence company, scammers used official Facebook logos and shortened link names that resembled the real ones. Group-IB said that the social media giant itself has nothing to do with the scheme.
The scale of the scam has grown substantially over the past several months, the company noted. As of April, the investigative team found 5,600 Facebook posts inviting users to install the fake "latest Messenger update," Sputnik reported.
Group-IB`s DRP analysts have found scam ads targeted at users in at least 84 countries worldwide, including Canada, the United States, France, Germany, Italy, Singapore, Malaysia, and South Africa.
Users who fell victim to this scheme risk leaking their personal data and have their account hijacked, the company said.
"Scammers, in turn, are likely to use the compromised account to either blackmail the victim, pushing them to pay a ransom to have access to their account restored, or further scale up the scheme using the Facebook profile to distribute scam ads," the release said.