Scammers target Facebook Business accounts

Sep 05 2023

Gone Phishing Banner

Welcome to Gone Phishing, your daily cybersecurity newsletter thatโ€™s happy to announce that the UK-wide cyberattack on summer has finally been thwarted and, as such, September is set to be a scorcher ๐Ÿ˜Ž๐Ÿ˜‚๐Ÿ–๏ธ

Todayโ€™s hottest cybersecurity news stories:

  • ๐Ÿ“ฐ More malvertising: Vietnamese scammers target Facebook Business accounts ๐Ÿ’ผ

  • ๅพ— Chinese-speaking scammers launch โ€˜smishingโ€™ (SMS) attack via iMessage in U.S. ๐Ÿ“ฑ

  • ๐Ÿ‘‡ Twitter (X) to ask for biometric data from premium users to combat fake accounts ๐Ÿ‘ค

Charlie dฬถoฬถnฬถ'tฬถย DOES (web) surf ๐Ÿ™ƒ

๐Ÿ“ฃ Vietnamese Cybercriminals Target Social Media Platforms with Malware ๐ŸŒ๐Ÿฆ 

Afternoon, cyber-squad! ๐Ÿ‘‹ We've got an important update about cyber threats targeting social media, especially Meta-owned Facebook. ๐Ÿค–

According to cybersecurity researchers, malicious actors linked to the Vietnamese cybercrime scene are now using ads on Facebook to spread dangerous malware. ๐Ÿ˜ฑ

These cybercriminals have been busy targeting not only individuals but also businesses using Meta Business and Facebook accounts as their playground. They employ various tactics, including social engineering, to gain unauthorised access to user accounts. ๐Ÿคจ

One popular method is luring victims through platforms like Facebook, LinkedIn, WhatsApp, and even freelance job portals. ๐Ÿ•ต๏ธโ€โ™‚๏ธ They also use search engine poisoning to trick users into downloading bogus software.

What's alarming is their misuse of URL shorteners, Telegram for command-and-control, and legitimate cloud services like Dropbox and OneDrive to host malicious content. ๐Ÿ˜ˆ

Quack, quack, itโ€™s a cyber-attack! ๐Ÿฆ†

One notorious group, known as Ducktail, uses enticing ads on Upwork and Freelancer to bait victims. They then deploy the Ducktail stealer malware, stealing saved session cookies and taking control of Facebook business accounts, which they sell on the dark web. ๐Ÿ˜ฑ๐Ÿ’ฐ

These attacks are evolving, with the malware now targeting more platforms like Twitter and TikTok Business. The cybercriminals are also creating fraudulent ads using stolen session cookies. ๐Ÿ˜จ๐Ÿช

To evade detection, they use various techniques like process killing, encryption, and obfuscation. They've even been known to infiltrate LinkedIn accounts, making their attacks seem more authentic. ๐Ÿ˜ต๐Ÿ”’

Listen up, this is Duckportant! ๐Ÿฆ†

But that's not all โ€“ there's another player in town, Duckport, which is a copycat of Ducktail, but with its own set of tricks. They are also into information theft and account hijacking. ๐Ÿ•ต๏ธโ€โ™‚๏ธ๐Ÿค–

These threats highlight the close-knit Vietnamese cybercriminal community, sharing tools and tactics, making it harder to track them down. ๐ŸŒ๐Ÿ”

Stay safe online, and be cautious when clicking on ads and links, especially on social media. ๐Ÿ’ป๐Ÿ”

I came across ZZZ money club during the crypto market bull run when everyoneโ€™s a winner, even during the bear market this discord group has been amazing at giving information on projects and ways to make passive income in various ways.

The group is very active and everyone in this private discord group is very chatty and helpful.

Its run by Yourfriendandy and Decadeinvestor, you can find them here on YouTube, both top guys with great content.

If you are interested in joining the group you can through the link below.

Ah yes, your classic smish and grab attack ๐Ÿ˜ Itโ€™s an Aussie favourite ๐Ÿ™ˆ

๐Ÿšจ Alert: Beware of iMessage Smishing Scam Targeting the U.S. ๐Ÿ“ฑ๐Ÿ”’

Heads up, everyone! There's a new smishing (SMS phishing) campaign on the rise, and it's hitting the United States hard. ๐Ÿ˜ฑ

๐Ÿ“ฆ What's Happening?

A group known as the "Smishing Triad," believed to be Chinese-speaking cybercriminals, is behind this large-scale smishing campaign. They're using compromised Apple iCloud accounts to send iMessages, with one goal in mind: identity theft and financial fraud. ๐Ÿ˜จ

๐Ÿ“ฑ How Does It Work?

These scammers impersonate popular postal and delivery services, tricking victims into clicking on a link to "reschedule" a delivery. But it's all a trap! The link leads to a fake form where victims are asked to enter their credit card information. ๐Ÿ˜ ๐Ÿ’ณ

๐Ÿ”“ What's at Risk?

Your personally identifying information (PII) and payment credentials are in danger. The scammers are after your identity and credit card details. ๐Ÿ˜ซ

๐ŸŒ The Dark Web Connection

The Smishing Triad offers "smishing kits" on Telegram for $200 a month, making it easy for other cybercriminals to join in. They even collaborate with Vietnamese-speaking members and other groups for more extensive operations. ๐Ÿ˜ˆ๐Ÿ•ต๏ธโ€โ™‚๏ธ

๐Ÿ” What to Look Out For

Always be cautious of unexpected messages and links, especially via SMS or iMessage. Don't click on suspicious links, and never share your personal or financial information unless you're absolutely certain it's legitimate. ๐Ÿšซ๐Ÿ’ป

๐Ÿ›’ Additional Threat

Besides smishing, this group is also involved in Magecart-like attacks on online shopping platforms to steal customer data. Stay vigilant! ๐Ÿ”

Remember, smishing is a growing threat, and scammers are getting smarter. Stay safe and inform your friends and family about these dangers! ๐Ÿ’ช

๐Ÿ—ž๏ธ Extra, Extra! Read all about it! ๐Ÿ—ž๏ธ

Every few weeks, we carefully select three hot newsletters to show you. Reputation is everything, so any links we share come from personal recommendation or carefully researched businesses at the time of posting. Enjoy!

  • โœˆ๏ธ ViaTravelers: Get exclusive travel tips, news, and insider deals right in your inbox.

  • ๐ŸŒย Leadership in Tech: A weekly newsletter for CTOs, engineering managers and senior engineers to become better leaders.

  • ๐Ÿง ย Big Brain: Trending AI news, jobs and tools delivered in 3 minutes per day.

Let us know what you think!

Elon Musk be having a laugh ๐Ÿ˜ฌ He canโ€™t X-pect that ๐Ÿ’€

๐Ÿ”’ Privacy Update Alert: X (Formerly Twitter) to Collect Biometric Data ๐Ÿ“ฒ๐Ÿ‘ค

Ever since Twitter turned itself into a symbolโ€ฆ ๐ŸŽถย ๐Ÿšจ Sorry. X, the social media giant formerly known as Twitter, is making changes to its privacy policy, and it involves collecting your biometric data. ๐Ÿ˜ฎย 

๐Ÿ“… Effective Date: September 29, 2023

Starting at the end of the month, X's updated policy will allow the collection and use of biometric information for safety, security, and identification purposes. However, this change is said to be limited to premium users. ๐Ÿ›ก๏ธ๐Ÿค–

๐Ÿ†” Identity Verification

To fight impersonation and enhance security, users may be asked to provide government ID and a photo for identity matching using biometric data. The specifics of how this data will be collected and how long it will be retained remain unclear. ๐Ÿ•ต๏ธโ€โ™‚๏ธ๐Ÿคณ

๐Ÿ“š Additional Changes

X's updated policy may also include collecting users' employment and educational history. This data could be used to offer job recommendations, share information with potential employers, and deliver personalised ads. ๐Ÿ“ˆ๐Ÿ’ผ๐ŸŽฏ

๐Ÿ’ฌ More on X's Recent Updates

X has been busy lately, introducing encrypted direct messages (DMs) and new hiring features for Verified organisations. Users can look forward to making video and audio calls without sharing their phone numbers. Plus, the platform plans to use collected data to train machine learning and AI models. ๐Ÿ“ฉ๐Ÿ“น๐Ÿค–

๐Ÿšซ Privacy Assurance

According to X CEO Elon Musk, this policy change focuses on public data and doesn't affect private DMs or personal information. Your privacy remains a top priority. ๐Ÿ™Œ๐Ÿ”

Stay informed and keep an eye out for these updates when they roll out.ย ๐Ÿ“ข And for heavenโ€™s sake, donโ€™t let them microchip you! ๐“‡ฒ

So long and thanks for reading all the phish!

Recent articles