« We decided to definitively eliminate your Facebook account », watch out for phishing!
In these days, a massive campaign is trying to subtract Facebook and Italian -speaking Instagram accounts. Here’s what to pay attention to.
« We decided to definitively eliminate your Facebook account ». Thus begins, in private messages, what is actually a massive campaign phishing that targets accounts Facebook and Instagram. The message is delivered by account that breaks through the official goal profiles that, to be more credible, add in the profile photo The blue check in order to seem official accounts. The message leverages a sense of urgency: the user is informed of a next closure of your account because of the reports of other users. But there is a way to save yourself from the (fake) closure. That is to visit a site where you can enter your personal data. It is obviously an trick to remove its account from the user.
The aim is to arouse a pressure such that users who receive the message click in a short time on a link in the message and that give sensitive data, such as e-mail, password, etc. Needless to say that Destination never forwards private messages regarding account security. But what happens if you click on the link?
Phishing’s message
By clicking on the link you access a website managed by IT criminals. From here these will be able to access a series of personal information of various kinds. From your IP address, to Facebook credentials, if sold by filling out a form. Once these steps are performed, it is a moment to lose control of your profile, if you do not have a method of authentication with two factors (or if you also give the unique codes).
What happens to the subtracted accounts
If cyber criminals manage to remove the account, this will probably be used to contact the friends of the stolen profile and use social engineering tactics, to perpetrate scams or spread malware, or even steal other accounts. Once you have taken control of the profile, they will contact the friends of the same. In this way, the bad guys will try to earn the trust of those who contact, pretending to be the person once owner of the account. They will be able to ask for anything: data, money, information.
What to do if they have stolen your account
If an Instagram or Facebook account has been violated, it is good to immediately contact Meta and report the incident, to find a solution. Just connect to the respective pages dedicated to the reports of Instagram And Facebook and follow the suggested indications. It is also good to report to the postal police the violation and the methods of contact with which the attack was launched. Also good also notify your contacts that there is the possibility that the account was using against one’s will. Finally, it is better to change passwords and activate two -factor authentication.
