Table of Contents
Researchers at Trustwave Holdings Inc.’s SpiderLabs detailed a new campaign that leverages Facebook infrastructure for phishing attacks and the theft of personally identifiable information.
Users are advised to be extra careful when receiving false violation notifications and not to be fooled by the apparent legitimacy of the initial links.
IoCs
- hxxps://www[.]facebook[.]com/01oix2/posts/102106376025783
- hxxps://meta[.]forbusinessuser[.]xyz/?fbclid=123
- hxxps://meta[.]forbusinessuser[.]xyz/main[.]php
- hxxps://meta[.]forbusinessuser[.]xyz/checkpoint[.]php
- hxxps://api[.]telegram[.]org/bot5213906361:AAEAYFxbgjU7aBqrUm3ufkkt8UybZP_Lnbo/
