Another Strategy to Send a Phishing Link into Facebook Inbox

· · 276 words · 2 minute read

After few days of that phishing campaign we talked about in a previous post , I faced a new strategy to phish Facebook page admins and steal their accounts/pages.

In this method of reaching out to Facebook page admins to convince them to click the phishing link and follow through the phishing funnel is using the inbox. The hacker/phisher is just sending you a direct message in messenger to convince you to click on the link.

phishing link in Facebook inbox

The hacker is using something called Meta chat plugin which I don’t know. But s/he is somehow using an application/api related thing.

Phishing link sent via Meta chat plugin

If you click that phishing link, it leads you into a webpage similar to Facebook design/layout but it is not served from a Facebook domain.

wrong domain - not Facebook

Make sure to take a look at the url above the screen, so you can verify if the current domain is owned by Facebook or not.

similar design but not Meta owned domain

The domain names owned by Meta / Facebook are:

  • meta.com
  • facebook.com
  • fb.com
  • fb.me
  • thefacebook.com
  • fbsbx.com
  • investor.fb.com
  • accountkit.com
  • messenger.com
  • m.me
  • m.com
  • instagram.com
  • threads.net
  • blog.whatsapp.com
  • translate.whatsapp.com
  • web.whatsapp.com
  • whatsapp.net
  • <www.whatsapp.com>
  • alpha.whatsapp.com
  • media.whatsapp.com
  • oculus.com
  • answers.oculus.com
  • forums.oculus.com
  • workplace.com
  • portal.facebook.com
  • freebasics.com
  • internet.org

So, if the domain is not one of them, it is not owned by facebook. It is fraud. It is scam. It is a phishing page.

The list of domains above is taken from the official page of bug bounty program .

I hope this post helps you. If you know a person who can benefit from this information, send them a link of this post. If you want to get notified about new posts, follow me on YouTube , Twitter (x) , LinkedIn , Facebook , Telegram and GitHub .

Share: