"“Is It You In The Video?” – Don’t Fall For This Messenger Scam"
Researchers have discovered a new phishing attempt that is using Facebook Messenger. Adversaries use people's social media accounts to send "a video" to the user's friends. The adversaries then ask, "is it you in this video". There is no video, and it shows a black image that links to a URL shortening service, which in turn redirects to a URL that pops up what looks like a Facebook login page. Unfortunately, if a victim does end up putting in their username and password into the fake login page, it would submit the credentials to a server running on a low-cost web hosting service in the USA, using a vaguely legitimate-looking domain name that was registered less than a month ago. Scammers have been targeting social media passwords more frequently because it allows the adversaries a level of trusted access to one's friends and family, making scams of all sorts much easier to pull off.
Naked Security reports: "“Is It You In The Video?” – Don’t Fall For This Messenger Scam"