Phishing attacks are notoriously common on Facebook. If a scammer can obtain a user’s login credentials, then they can create all sorts of mayhem! The latest phishing scheme we’ve uncovered involves the use of Facebook ads. We noticed the advertisement shown below in the bottom right column of our Timeline. It is common for ads to rotate in this space. We thought this was an unusual offer, so we clicked on the link to check it out. We were originally taken to a domain called ‘longwangao.com.’ This site immediately redirects to a random phishing site resembling Facebook. We were redirected to two different domains while investigating the scam, and there could be others.
This scam seems to be ill-crafted from the start. It seems very out of place for someone responding to a WOW gold advertisement to be directed to a Facebook login screen. The most troubling part about this particular scam is that they are using Facebook ads to drive traffic to the scam sites. Always keep this in mind – just because you see an ad on Facebook, don’t assume the company is legitimate!
Luckily, our Chrome browser detected the phishing attempt and triggered the following warning:
Phishing scams often use multiple domains and tactics, but the end game is always an attempt to obtain your Facebook user name and password.
If you entered your Facebook login credentials on the page shown above, then you need to change your Facebook password ASAP. If you are too late, then try to reclaim your account. Check out the following article for additional steps you should take:
Be sure to let your Facebook friends know that your account has been compromised and that they should not click on any links that are sent from you.
If you or your Facebook friends are falling for tricks like this, it’s time to get yourself informed of the latest threats. Be sure to join the Facecrooks page on Facebook to be kept informed of the latest security issues.