Skip to content

Meta-Phish: Facebook Infrastructure Used in Phishing Attack Chain

Table of Contents

Researchers at Trustwave Holdings Inc.’s SpiderLabs detailed a new campaign that leverages Facebook infrastructure for phishing attacks and the theft of personally identifiable information.

Users are advised to be extra careful when receiving false violation notifications and not to be fooled by the apparent legitimacy of the initial links.


  • hxxps://www[.]facebook[.]com/01oix2/posts/102106376025783
  • hxxps://meta[.]forbusinessuser[.]xyz/?fbclid=123
  • hxxps://meta[.]forbusinessuser[.]xyz/main[.]php
  • hxxps://meta[.]forbusinessuser[.]xyz/checkpoint[.]php
  • hxxps://api[.]telegram[.]org/bot5213906361:AAEAYFxbgjU7aBqrUm3ufkkt8UybZP_Lnbo/

Full analysis of the campaign can be read here.