Cheats are currently using Facebook to steal your money and convert them directly into Bitcoin.
Polish scammers are reportedly running a sophisticated scam that involves hacking Facebook profiles. Immediately after the hack they loot bank accounts and quickly transfer the stolen funds to anonymous walleta Bitcoin.
BadCyber was discovered by an independent security team. What is particularly interesting is how complex and persistent the scammers' plan is.
The hackers they initially use known malware and phishing techniques to steal login credentials and gain access to Facebook accounts. Once an account is compromised, attackers begin to inspect the user's chat history and target people the victim communicates with, as if they were the real users.
From the compromised account, the attackers start asking for small amounts of money to "top up" a large amount of money for some online purchase. Since Poland is heavily using payment intermediary services that allow online purchases without credit cards, these requests are not at all unusual.
Once a contact has agreed to make the conchange, attackers send a fake link payments that directs unsuspecting victims to carefully cloned ones websites popular payment providers. There, the victim will be asked to complete the payment by entering a unique code received via SMS.
How;
The attackers, in addition to intercepting the unique code, go ahead and allow the payment to be completed through the fake σελίδαs, except that without the victim's knowledge, they have characterized the transaction as "reliable transport. "
The BadCyber Security Team says that after that it takes about 15 minutes to empty the bank account and transfer all stolen money to anonymous Bitcoin wallets.
It is unknown at this time what he will do after leaving the post, but researchers believe that "several attempts" were made overnight.
According to the security team, what makes the scam particularly unpleasant is that scammers exchange money directly to Bitcoin. The fact and the complexity of the attack makes it very difficult to locate the fraudsters.
"It starts with Facebook, then moves to rogue sites that record victims' movements using socks ports on zombie machines located in the same area where the victim lives," the researchers said.
“Professional teams only detections that have appropriate mechanisms in place can properly handle and detect these attacks.”
Don't think, activate the control immediately identity two factors on Facebook now and be very careful if a friend like to ask for help for a small online transaction.