Another Strategy to Send a Phishing Link into Facebook Inbox
A few days after the phishing campaign we talked about in a previous post, I faced a new strategy to phish Facebook page admins and steal their accounts/pages.
This method of reaching out to Facebook page admins, to convince them to click the phishing link and follow through the phishing funnel, uses the inbox. The hacker/phisher simply sends you a direct message in Messenger to convince you to click on the link.
The hacker is using something called the Meta chat plugin, which I don't know. But s/he is somehow using an application/API related thing.
If you click that phishing link, it leads you to a webpage that resembles Facebook's design/layout but is not served from a Facebook domain.
Make sure to look at the URL at the top of the screen, so you can verify whether the current domain is owned by Facebook or not.
The domain names owned by Meta / Facebook are:
- meta.com
- facebook.com
- fb.com
- fb.me
- thefacebook.com
- fbsbx.com
- investor.fb.com
- accountkit.com
- messenger.com
- m.me
- m.com
- instagram.com
- threads.net
- blog.whatsapp.com
- translate.whatsapp.com
- web.whatsapp.com
- whatsapp.net
- www.whatsapp.com
- alpha.whatsapp.com
- media.whatsapp.com
- oculus.com
- answers.oculus.com
- forums.oculus.com
- workplace.com
- portal.facebook.com
- freebasics.com
- internet.org
So, if the domain is not one of them, it is not owned by Facebook. It is a fraud. It is a scam. It is a phishing page.
The list of domains above is taken from the official page of the bug bounty program.
I hope this post helps you. If you know a person who can benefit from this information, send them a link to this post. If you want to get notified about new posts, follow me on YouTube, Twitter (X), LinkedIn, and GitHub.