Facebook users in the Czech Republic and Slovakia faced a wave of fake news reports on a “deadly attack in Prague”. When a user clicks on this hoax, they are redirected to a phishing webpage that tries to trick them into sharing their Facebook credentials.
“From what we have learned about this campaign, the attack may have been designed to continue in other countries,” warns Lukáš Štefanko, ESET Malware Researcher.
The fake news on the alleged terrorist attack in Prague was easy to debunk as the location in the image clearly didn’t resemble Prague, nor any other major city in Europe. Despite this, the scam spread quickly.
“Facebook users often share stories without actually reading them. Scam campaigns, if designed to be emotionally appealing, fare surprisingly well because of our unfortunate behavior,” comments Lukáš Štefanko.
Soon after the campaign’s launch, Facebook started to block the phishing Facebook pages used in this campaign. ESET security products block phishing webpages connected with this scam, along with other domains registered by the same person.
“In the past weeks, there were 84 domains registered by the same person. Several of them have the Facebook phishing functionality, while others could be used in future for a larger scale attack,” says Lukáš Štefanko.
Recommendations by ESET security experts to those who think they might have been tricked into sharing their Facebook credentials:
- Change your Facebook password and make use of the two-factor authentication Facebook provides.
- If you have been using the same password for multiple services, change the password wherever applicable – and put a stop to the extremely risky practice of sharing one password across multiple services.