Cybercriminals are exploiting a $100 million Facebook grant program designed for small businesses impacted by the pandemic to phish personal information and take over Facebook accounts.

The perpetrators are trying to dupe people into thinking that the social network is handing out free money to any user affected by COVID-19, according to a Kaspersky analysis. The scam is spreading via messaging platforms.

“This is an attack that was caught propagating via messengers, such as Telegram,” Vladislav Tushkanov, senior data scientist at Kaspersky, told Threatpost. “This seems to be a common trend – we even see some attacks where after asking for your private info, the perpetrators ask you to forward the scam link to your WhatsApp contacts (e.g. ‘to spread awareness about these benefits’).”

Despite the “must be too good to be true” aspect of the game that should tip most people off, the cybercriminals are taking steps to make the offer seem legit.

“Samples detected by Kaspersky indicate that potential victims viewed an article appearing to come from a prominent media outlet [CNBC] and were prompted to follow a link to apply for the grant,” researchers explained in a Tuesday post. They pointed out that there is, in fact, a real CNBC article about coronavirus-related Facebook grants, but the legitimate program is for small businesses, not individuals.

If people were sucked into clicking the link, they were taken to a phishing page and asked to enter personal information, even including a scan of both sides of their ID.

“First you’ll be asked for your Facebook username and password,” according to Kaspersky. “If you enter them, they’ll go straight to the cybercriminals. Then, to accept your application, the site requires a lot more information, supposedly to verify your account: Your address, Social Security number (for U.S. citizens), and even a scan of both sides of your ID. No fields can be left blank, and the site diligently prompts you about any omissions.”

The portal mimics the official site of Mercy Corps, a charity that helps victims of natural disasters and armed conflicts.

“However, the only topic on this one is Facebook grants, and the victim is asked to specify how many years they have been a user of the social network,” researchers noted. “The collected information allowed the scammers to gain access to their victims’ Facebook accounts, which they could use to pull off other crimes, including identity theft.”

There are a few red flags along the way; for instance, the headline in the purported CNBC article is filled with grammar mistakes.

Facebook Small Business Grants Spark Identity-Theft Scam