Crooks are manipulating chatbots to steal important information from users.

SpiderLabs, a cybersecurity firm, has discovered a unique new phishing tactic on Messenger that uses chatbot software.

According to the researchers, the campaign’s purpose is to get people’s Facebook credentials as well as various other personal information.

Initially, the victim receives an email claiming to be from “Facebook”. It informs them that their page has violated the site’s community standards and would be removed in 48 hours.

This email also includes an “Appeal Now” link, which allows them to contest the page termination.

Red flags to consider

Fortunately, the email’s content contains a few warning signals that should assist recipients to recognize the email as fake.

The first thing to look for is that there are a few spelling and language errors in the message’s text. Other than that, the recipient’s name appears as “Policy Issues,” which is not how Facebook handles such situations.

If the victim still clicks the “Appeal Now” link, they are directed to a Messenger chatbot and asked to click through to another “Appeal Now” link. The link to the chatbot is not harmful itself, therefore this is most likely done to avoid email security services.

There are some other red flags the page that owns the chatbot has the handle @case932571902, which does not belong to the social media platform. It’s also empty, with no followers and no postings.

If the victim continues, they are sent to a Google Firebase-hosted website. This one is disguised as a Facebook “Support Inbox” and it is here that the victim gives the cybercriminals critical information.

The hackers are requesting email addresses, cell phone numbers, first and last names, page names, and, passwords.

Chatbots played a significant role in digital marketing and live assistance. So, it’s no surprise that cybercriminals are abusing this tool. People are less likely to be skeptical of its contents, especially if it originates from a supposedly trustworthy source.

This tactic is ideal for social engineering because the hackers are using the platform that they are impersonating. As usual, we encourage everyone to be cautious when surfing the web and not to respond to or open unknown emails.

0 0 votes
Article Rating
Subscribe
Notify of
guest
0 Comments
Oldest
Newest Most Voted
Inline Feedbacks
View all comments