Facebook mention spam phishing attack: How it happens and what to do if you are a victim

Have you suddenly started getting loads of Facebook spam mentions from some of your trustworthy friends? When you click a notification informing you of the mention (@Mention), you find that you have been tagged in a “mass mention spamming” response that doesn’t look like a normal status update. Everybody involved there is blindly mentioning their friends in bulk. Above all, the status update reveals some tricks/methods to play with Facebook using your browser console. If you find such mentions, it means your friend has become a victim of a phishing attack that tries to steal confidential credentials such as passwords, credit card credentials, bank account details, etc., using an automated system that overrides browser security through the console.

How it happens:

This mention attack happens in 4 steps. If you can abort any one of them, you probably won’t become a victim of this spam mention phishing attack. The steps are described below:

  1. Attracting Facebook users: This mention attack starts with a tempting status update that reveals some tricks to play with Facebook systems. You’ll be asked to copy some code and paste it into your browser console. According to the status update, this will bypass the Facebook security system and give you benefits beyond the normal security/privacy limits, such as thousands of fake likes, the usernames and passwords of your selected friends, etc. The attack begins here. In some cases, the status message will ask you to do some preliminary tasks, such as mentioning a friend in the comment box whose username/password will then be sent to you via an untraceable fake personal message, etc. If you follow their instructions, you are very close to having your online security compromised.
  2. Pasting their code in your browser’s console: This is the second step of this Facebook phishing attack. They will push you with tempting messages to copy their code and paste it into your browser’s console. The actual bypass happens in this step. When you paste their code into your browser’s console and press the Enter key, a colorful Facebook Theme will be installed and you will see some extras loading over your Facebook/browser interface. These will bypass the browser’s security and steal confidential credentials from your PC and even cache files.
  3. The code blocks some important browser security scripts: The code pasted into your browser’s console will block some important security scripts in your browser, which protect your confidential credentials from phishing attacks. Here you are compromised. The Facebook Theme installed in your browser will collect confidential data and send it to the attack initiator. Thus you become a victim of this new kind of phishing attack, which spreads through Facebook spam mentions.
  4. Mentioning some random friends: This is the last but most important step, which passes the attack on through other Facebook accounts. The Facebook Theme that was installed in your browser will choose some random contacts from your friend list and tag them in a comment on the post where you landed in Step 1 above. Thus the phishing attack continues and reaches numerous new victims every second.
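
Step 4 leaves a recognizable trace on the post: accounts tagged in a mass-mention comment later post mass-mention comments of their own. The following is an added example, not code from the original article, that flags this pattern and lists the tagged accounts that have not yet spread it; the comment record shape, thresholds and account names are assumptions, and the sample data is constructed.

```javascript
// Constructed sample: comments on one post, in posting order.
// Record shape (author, text, mentions) is an assumption for illustration.
const SAMPLE_COMMENTS = [
  { author: "alice", text: "@bob @carol @dave @erin @frank",
    mentions: ["bob", "carol", "dave", "erin", "frank"] },
  { author: "zed", text: "is this real?", mentions: [] },
  { author: "carol", text: "@gina @hal @ivan @judy @karl @liz",
    mentions: ["gina", "hal", "ivan", "judy", "karl", "liz"] },
  { author: "gina", text: "@mike @nina @omar @pete @quinn",
    mentions: ["mike", "nina", "omar", "pete", "quinn"] },
  { author: "yara", text: "happy birthday @bob", mentions: ["bob"] },
];

// A comment is a "mass mention" when it tags many distinct accounts
// and carries almost no text of its own (thresholds are assumptions).
function isMassMention(comment, minMentions = 5, maxOtherWords = 2) {
  const distinct = new Set(comment.mentions);
  const otherWords = comment.text
    .split(/\s+/)
    .filter((w) => w && !w.startsWith("@"));
  return distinct.size >= minMentions && otherWords.length <= maxOtherWords;
}

// Walk the thread in order and record who tagged whom. A chain link
// "a->b" means b was tagged by a and later posted a mass mention too,
// which is the propagation described in step 4.
function analyzeThread(comments, minLinks = 1) {
  const taggedBy = new Map(); // account -> first mass-mention author who tagged it
  const spreaders = [];
  const chains = [];
  for (const c of comments) {
    if (!isMassMention(c)) continue;
    if (!spreaders.includes(c.author)) spreaders.push(c.author);
    if (taggedBy.has(c.author)) chains.push(`${taggedBy.get(c.author)}->${c.author}`);
    for (const m of c.mentions) {
      if (!taggedBy.has(m)) taggedBy.set(m, c.author);
    }
  }
  // Tagged accounts that have not spread it yet: the people to warn first.
  const atRisk = [...taggedBy.keys()].filter((name) => !spreaders.includes(name));
  return { spreaders, chains, atRisk, wormLike: chains.length >= minLinks };
}

console.log(analyzeThread(SAMPLE_COMMENTS));
```

A single friend tagging several people once produces no chain link, so it is not flagged; only the tagged-then-tagging sequence is.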

So, this was all about how the new phishing attack spreads through Facebook spam mentions. Now let’s see what to do if you are a victim:

Do these as soon as you realize: Once you realize you have been compromised, immediately do the following. (Following these steps doesn’t guarantee that you are safe enough, so it is recommended to get in touch with an expert to ensure total security.)

  • Disconnect your PC from the internet as soon as you realize the attack. This may save your credentials to some extent.
  • Clear your browser cache and temporary files from your PC.
  • Update your antivirus database and perform a full system scan.
  • Close all your active online sessions and change all your passwords (including Facebook) associated with the PC.

Now, to some extent, you are probably safe enough to go ahead and report the attack to Facebook support.

What to do if you see someone mentioning you/others in some spam status updates?

First, never lose your temper and blame the friend, as he/she is also a victim. He/she is mentioning you unknowingly. So, be polite and inform him/her about the issue immediately. Then you should report the status update as spam to Facebook support. This will help the support team deal with it quickly, and many other Facebook users will be kept safe.

Posted in News, Technology.

Sultan

Sultan Mustafijul Hoque is a web professional and the founder of the Domain Registration and Web Hosting service HostSlicer. He is also a co-founder of Indilens News and Lead Editor at India's No. 1 Educational Portal IndiaStudyChannel. Sultan holds the technical responsibilities of this site. He is the sole developer of the theme Neo Zee Pro, which gives the site this awesome look. You can get a copy of the theme from the official theme page here. If you have any comments on the design or anything else, you are welcome to post them as a response on the official theme page.
