Users should know better than fall for this type of scam

May 27, 2015 16:00 GMT  ·  By

A message designed to scare recipients into accessing a malicious page aimed at collecting Facebook credentials and credit card data is distributed via multiple communication avenues, including those on the Facebook social network.

Cybercriminal lure users with a fake notification claiming that their social network profile will be disabled unless they verify their identity with the associated email address.

Users are tricked to log into the fake page

The message says that the profile has been reported for abusive activity, which violates the terms and conditions agreed upon when signing up.

In order to recover the account and eliminate suspicion of nefarious actions, the user is directed to a site that includes the string “recovery-page” in the domain name, for credibility; a clear hint of the deceit should be the fact that the page does not have the layout of the social network site.

Then they are asked to sign in with their email address and Facebook password. Any data entered into the fields goes straight to cybercriminals, who can take control of the profile and use it for malicious activity, such as sending malicious links to friends in the list.

Credit card info required to unlock the account

Online Threat Alerts reports that the scam does not stop at this and asks the victim to provide credit cards information to unlock their Facebook account. By this point, the deceit should be pretty clear and victims should hurry and change their password for the social network account.

Given its large number of users (over 1.4 billion), Facebook is the favorite phishing pond for cybercriminals as they can find a sufficient number of gullible individuals ready to fill their pockets with money.

It is important to remember that Facebook would never threaten a client with disabling or locking their account.

On the same note, in case of conflict, the social network will use for communication the email address provided upon registration.