Facebook ads used in spreading Facebook Messenger phishing scam

Facebook ads used in spreading Facebook Messenger phishing scam

So far, Facebook Messenger users in 80 countries have been targeted by this phishing scam, reports Group-IB.

The Singapore-based cybersecurity firm Group-IB has released a new report providing details of a new phishing campaign affecting users in over 80 countries.


The ‘global threat hunting and adversary-centric cyber intelligence agency’ revealed in its report that threat actors are targeting Facebook users in Europe, Asia, North and South America, and the Middle East with fake ads promoting a Facebook Messenger update.


Campaign Aimed at Stealing User Credentials


Group-IB’s Digital Risk Protection (DRP) analysts revealed that attackers deliver fake Facebook ads to promote an updated version of Facebook Messenger to steal users’ login credentials. The agency has discovered around 1,000 fake Facebook profiles that are being used to post the ads.


SEE: Facebook ads dropped malware posing as Clubhouse app for PC


According to researchers, the majority of users in countries such as Italy, Canada, Germany, France, South Africa, Singapore, Malaysia, and the USA have fallen victim to this scam and got their accounts hijacked.





Facebook approved this ad that allowed threat actors to steal login credentials of Facebook Messenger users (Image: Group-IB)



Phishing Scam Active since Last Summer


DRP analysts claim that they discovered this campaign back in summer 2020 after detecting its traces in Asia and Europe, and in April, the number of FB posts inviting users to install the new update ..