Scammers are relentless in their pursuit of your personal information, from login credentials to credit card numbers, and one of the latest schemes targets Facebook users (again), this time in an attempt to open an ongoing line of communication that they can exploit over time.
Malwarebytes Labs has identified a login phishing scam nearly identical to the one I recently covered aimed at Instagram users. Here’s how this campaign works—and how to avoid falling for it.
Mailto: phishing targets Facebook accounts
This scam begins like many do, with an unsolicited email. The subject line is somewhat alarming—“We’ve Received a request to Reset your password for Facebook Account !”—and despite the odd use of capitalization, you may click just to be absolutely sure there’s nothing you need to do. The body states that you’re receiving this email because someone just logged into your account from an unrecognized device, and Facebook wants to verify it’s really you. There are two buttons to choose from: “Report the user” and “Yes, me.”
While many phishing schemes prompt you to click a link that leads to a fake website designed to steal your credentials, this one (like the recent Instagram scam) uses mailto: links instead. If you click either of the buttons or the unsubscribe option at the bottom, your device launches your default mail program and opens a new message with the recipient and a subject line matching the button text already filled in. That recipient is not a Facebook or Meta domain. Instead, the scammers use lookalike domains (a tactic often called typosquatting) that resemble those of unrelated legitimate companies such as Black Diamond or Vacasa, so the address looks at least somewhat plausible at a glance.
This may seem relatively innocuous, as you haven’t actually provided any personal information in your reply. However, hitting “send” confirms to the scammers that your address is live and that its owner reads and acts on security alerts, which makes you a more valuable target for future campaigns. They may also use the reply to start a conversation and build trust over time before asking for anything. Mailto: phishing is also more likely to evade email filters than a malicious link: there is no web URL for link-reputation or sandbox checks to inspect, only an email address in the link target, so these messages reach inboxes that would have blocked a conventional credential-phishing link.
How to avoid Facebook login phishing
As with all scams, this one uses urgency to convince you to act, because of course you want to protect your account from unauthorized logins. That’s why you should always carefully scrutinize communication—email, text, social media message, phone call, you name it—that provokes a strong emotion, including anything related to security. These campaigns tend to contain other common red flags, such as typos and grammatical errors, and they usually originate from email addresses, accounts, or phone numbers that are obviously fraudulent.
You probably know to be wary of clicking links in unsolicited messages, and that goes for mailto: links as well. Always hover over hyperlinks and buttons before opening them (on a phone, long-press the link to preview its target): a mailto: link shows an email address, and often a prefilled subject, where you would expect a web address, and that address is what to check against the company’s real domain. If a link does launch a pre-addressed email, close the draft without sending it. Remember that companies will not demand sensitive information from you over email, and you should always go directly to verified communication channels, such as secure messages in an account portal or phone numbers found on the company’s website, to confirm that the request is legitimate.
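The check described above (what a mailto: button actually does when clicked, and whether its recipient belongs to the brand the message claims to be from) can be automated for a saved email. The following is an added example written for this article, not code from the original page or from Malwarebytes. It parses every anchor in an email’s HTML, splits mailto: hrefs into recipients and prefilled headers as RFC 6068 defines them, and flags any recipient whose domain is not on an allowed list. The allowed-domain list and the sample email are assumptions constructed for the example; the addresses use the reserved .example TLD and are not real.

```python
"""Audit the links in an email body for mailto: targets.

Added example, not code from the article.  The allowed-domain list and the
sample email below are constructed for illustration.
"""
from html.parser import HTMLParser
from urllib.parse import parse_qs, unquote, urlsplit

# Assumption: domains a genuine Facebook security notice would use.
# The article does not list these; adjust per brand.
FACEBOOK_DOMAINS = {"facebook.com", "facebookmail.com", "meta.com"}

# Constructed sample modelled on the campaign described in the article:
# two action buttons and an unsubscribe link, all mailto:, plus one real
# web link for contrast.  None of the addresses are real.
SAMPLE_EMAIL = """
<p>Someone just logged into your account from an unrecognized device.</p>
<a href="mailto:support@blackdiamond-care.example?subject=Report%20the%20user">Report the user</a>
<a href="MAILTO:support@blackdiamond-care.example?subject=Yes%2C%20me">Yes, me</a>
<a href="mailto:noreply@facebook.com.alerts-verify.example?subject=Unsubscribe">Unsubscribe</a>
<a href="https://www.facebook.com/settings/security">Facebook security settings</a>
"""


class LinkExtractor(HTMLParser):
    """Collect (href, visible text) for every <a> element in the body."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            text = " ".join("".join(self._text).split())
            self.links.append((self._href, text))
            self._href = None


def parse_mailto(href):
    """Split a mailto: URL into (recipients, headers); None if not mailto:.

    The scheme is matched case-insensitively, so "MAILTO:" is not a bypass.
    The query string carries the prefilled headers (subject, body, ...).
    """
    parts = urlsplit(href.strip())
    if parts.scheme.lower() != "mailto":
        return None
    recipients = [unquote(r).strip() for r in parts.path.split(",") if r.strip()]
    headers = {k.lower(): v[0] for k, v in parse_qs(parts.query).items()}
    # RFC 6068 also allows extra recipients in a "to" query field.
    extra = headers.pop("to", "")
    recipients += [r.strip() for r in extra.split(",") if r.strip()]
    return recipients, headers


def domain_allowed(address, allowed):
    """True if the address's domain is one of `allowed` or a subdomain of one.

    The dot boundary matters: facebook.com.alerts-verify.example must not
    pass just because it begins with facebook.com.
    """
    domain = address.rsplit("@", 1)[-1].lower().rstrip(".")
    return any(domain == d or domain.endswith("." + d) for d in allowed)


def audit_email(html, allowed=FACEBOOK_DOMAINS):
    """Return one finding per link: what clicking it does and whether the
    target belongs to the brand the message claims to come from."""
    extractor = LinkExtractor()
    extractor.feed(html)
    findings = []
    for href, text in extractor.links:
        parsed = parse_mailto(href)
        if parsed is None:
            host = (urlsplit(href).hostname or "").lower()
            findings.append({
                "text": text, "kind": "link", "target": host, "subject": None,
                "suspicious": not domain_allowed("@" + host, allowed),
            })
            continue
        recipients, headers = parsed
        findings.append({
            "text": text, "kind": "mailto", "target": ", ".join(recipients),
            "subject": headers.get("subject"),
            "suspicious": not all(domain_allowed(r, allowed) for r in recipients),
        })
    return findings


if __name__ == "__main__":
    for f in audit_email(SAMPLE_EMAIL):
        flag = "SUSPICIOUS" if f["suspicious"] else "ok"
        print(f"[{flag}] {f['text']!r} -> {f['kind']} {f['target']} subject={f['subject']!r}")
```

Run against the constructed sample, the three mailto: buttons are flagged (the “Unsubscribe” one only because the domain check respects the dot boundary) while the genuine facebook.com web link passes. Feed it the HTML of a saved .eml body and read the “target” column: if it is an email address at a domain the brand does not own, sending the draft tells the sender nothing except that you are worth contacting again.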
This article is written by: Nermeen Nabil Khear Abdelmalak
All rights reserved to: USAGOLDMIES. www.usagoldmines.com