Finland warns of Facebook accounts hijacked via Messenger phishing


Finland’s National Cyber Security Centre (NCSC-FI) warns of an ongoing phishing campaign attempting to hijack Facebook accounts by impersonating victims’ friends in Facebook Messenger chats.

In the alert, the NCSC-FI says that all Facebook users who received messages from online acquaintances asking for their phone numbers and a verification number delivered via SMS are the targets of this ongoing scam.

If they provide the information they’re asked for, the attackers will take control of their accounts by changing the password and associated email address.

Once hijacked, the Facebook accounts will target other potential victims from their friend list in similar scams.

“In the attempts, a hacked account is used to send messages with the aim of obtaining the recipients’ telephone numbers and two-factor authentication codes to hijack their Facebook accounts,” the cybersecurity agency explained.

To successfully hijack their targets’ Facebook accounts, the scammers will go through the following steps:

  1. They first send a message from the previously compromised friend’s account via Facebook Messenger.
  2. They ask for the target’s phone number, saying they want to help with registering for an online contest promising prizes of thousands of euros.
  3. The next stage involves asking for a code sent via SMS allegedly sent by the contest’s organizers to confirm the entry.
  4. If the SMS confirmation code is shared with the scammers, they will use it together with the phone number to access and hijack the victim’s Facebook account.
  5. Next, they will change the account password and email address and start forwarding similar scams to the victims’ friends.

“The best way to protect yourself from this scam is to be wary of Facebook messages from all senders, including people you know,” the NCSC-FI advised.

“If the message sender is a friend, you can contact him, for example, by phone and ask if he is aware of this message. This information should not be disclosed to strangers.”

Meta (formerly known as Facebook) has recently filed a federal lawsuit in a California court to disrupt other ongoing phishing attacks targeting Facebook, Messenger, Instagram, and WhatsApp users.

The threat actors behind these phishing campaigns have used roughly 40,000 phishing pages designed to impersonate the four platforms’ login pages.

These actions are part of a long series of lawsuits Facebook filed against attackers targeting its users and abusing its platform for malicious purposes.