Security researchers have discovered a huge Phishing campaign, which uses Facebook ads and GitHub pages. In this way, the attackers have targeted more than 615.000 users, stealing them credentials of their account.
Facebook: Ads Phishing campaign
Researchers from the Nepal Cybersecurity Company, Threat Nix, posted their findings on the extensive phishing campaign on Facebook. According to the research, the attackers targeted Facebook users with fakes advertisements. Such ads usually appear as sponsored posts from pages owned by various companies and sellers.
The users they usually have no problem with these sponsored posts and often enter ads to learn more information. The attackers took advantage of the users' interest and created this campaign to deceive them.
According to the investigators, the criminals created various pages that represent other legitimate sites of companies. These pages are running sponsored ads with links that redirect users to phishing pages hosted on GitHub pages.
The phishing sites imitate the Facebook login page to steal their credentials users.
But how did the attackers succeed in carrying out this phishing campaign?
The researchers explain: “While Facebook is taking steps to ensure that such phishing pages are not approved for advertising, in this case, the scammers used Bitly links that should have originally shown a legitimate page. After the ad was approved, the links were modified to lead to a phishing domain".
The phishing campaign affected more users from Asia
According to statistics, η campaign targeted mainly Asian users, however, the overall impact has reached and in Africa and Europe. The victims were mainly from Nepal, the Philippines, Egypt, Pakistan, Mongolia, Norway, Tunisia, Iraq, Malaysia and Algeria. However, the list showed stolen credentials from users from more than 50 countries.
By the time of its discovery, the campaign had already targeted more than 615.000 users and was continuing. Researchers have not yet released further details as they work to eliminate this ads phishing campaign.
Source: Latest Hacking News