Fraudsters are taking advantage of the uncertainties surrounding the GDPR regulations: they try to obtain login data with an email that purports to come from Facebook.

Facebook is supposedly sending users an email claiming that copyright has been violated.

This is what the email looks like:

Screenshot mimikama.org

The email says:

Hi,

Recently there have been reports of copyright infringement on your Facebook posts.

We would like to ask you to review the content of your posts to ensure that they comply with Facebook's Terms and Conditions.

If you believe that these reports have been submitted in error or that you are the copyright owner of the materials posted on the site, please report it using the following link:

https://www.facebook.com/verify/appeal/130223378528

If your page is not verified within 48 hours, we reserve the right to suspend the account without further notice.

Kind regards,
The Facebook team

Several things indicate that the email is not genuine: the curt salutation “Hi”, the switch from the formal “Sie” to the informal “Du” within the email, the absence of umlauts such as ä, ö and ü, and a Cyrillic letter in place of the ß in “GruBen”. But two points give pause:

  1. The sender appears to be Facebook (but this can be faked)
  2. The link embedded in the email actually leads to Facebook

Now it's getting bold

If you click on the link, you actually end up on Facebook!

Screenshot mimikama.org

The link takes us to a form on the real Facebook page, which explains again in English that you have been reported for “copyright content”. We are now asked to enter our name, email address, telephone number and password.

Wait a moment!

Why does Facebook need our password?
After all, we are already logged in! Reason enough to take a closer look at the form.

We found that the supposed form is not hosted directly by Facebook; instead, a Facebook app is used to embed the form in Facebook.

This can be recognized by the fact that the URL says “app”. There, just like in the top line on Facebook, you can also see the word “Appeal”, apparently the name of the malicious app.

Screenshot mimikama.org

Where does the form come from?

To find out, we simply open the frame in which the form is located in a new tab.

Screenshot mimikama.org

And here we now see who our data will go to:

Screenshot mimikama.org

Apparently a subpage with this form was created on the domain, which has only existed since August 1, 2018. It is unclear whether the owner of the domain placed the form there or whether the site was hacked in order to host it.
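The same check (which host actually serves the frame that contains the form) can be scripted. The following is an added example, not part of the original article: it scans a page's HTML for iframes and flags those served from outside a trusted domain. The page URL, the HTML and all domain names are constructed placeholders, and `belongsTo` and `listFrameSources` are hypothetical helper names.

```javascript
// Constructed sample: a page on a trusted site that embeds a form from elsewhere.
const SAMPLE_PAGE_URL = "https://social.example/apps/appeal";
const SAMPLE_HTML = `
<html><body>
  <iframe src="/widgets/header.html"></iframe>
  <iframe name="app_frame" data-src="x" src="https://forms.hosting-example.test/appeal/form.php"></iframe>
  <iframe src='//cdn.social.example/ads.html'></iframe>
  <iframe src="https://social.example.login.test/form"></iframe>
</body></html>`;

// True if host is trustedDomain itself or one of its subdomains.
// Suffix match on a dot boundary, so "social.example.login.test" does not pass.
function belongsTo(host, trustedDomain) {
  const h = host.toLowerCase(), d = trustedDomain.toLowerCase();
  return h === d || h.endsWith("." + d);
}

// List every iframe with the host that actually serves it.
// Regex scan for illustration only; not a full HTML parser.
function listFrameSources(html, pageUrl, trustedDomain) {
  const tagRe = /<iframe\b[^>]*>/gi;
  const srcRe = /\ssrc\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s>]+))/i;
  const frames = [];
  for (const [tag] of html.matchAll(tagRe)) {
    const m = srcRe.exec(tag);
    if (!m) continue; // no src attribute: nothing to resolve
    let url;
    try {
      url = new URL(m[1] ?? m[2] ?? m[3], pageUrl); // resolves relative and // URLs
    } catch {
      continue; // unparsable src
    }
    frames.push({ src: url.href, host: url.hostname,
                  foreign: !belongsTo(url.hostname, trustedDomain) });
  }
  return frames;
}

for (const f of listFrameSources(SAMPLE_HTML, SAMPLE_PAGE_URL, "social.example")) {
  console.log(f.foreign ? "FOREIGN" : "ok     ", f.host, f.src);
}
```

A password field inside a frame flagged as foreign means the credentials are submitted to that host, not to the site shown in the address bar.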

Conclusion

Facebook does not send emails about copyright infringement! With this brazen phishing method, which is not immediately obvious, fraudsters get your name, phone number and your Facebook password in order to then be able to access your profile directly!
