NELKINDA SOFTWARE CRAFT

Facebook supports Facebook Phishing

TL;DR: Facebook is aware of phishing attacks against its users and doesn't do anything about it.

Author: Christian Hujer, CEO / CTO at Nelkinda Software Craft Pvt Ltd
First Published: by Nelkinda Software Craft Private Limited
Last Modified: by Christian Hujer

1 The Suspicious Message

Today, I received the following message from a friend.

Figure 1-1: The phishing message

This was immediately suspicious for a number of reasons. The English was not my friend's style. The English sounded like clickbait. The video preview was black.

2 The Suspicious Post

Following the video link in the message leads to this post:

Figure 2-1: The phishing post

3 The Phishing Site

And following that link leads to:

Figure 3-1: The phishing site

A tech-savvy eye immediately recognizes this as a phishing attack. The site looks like Facebook, but it is not Facebook. The address bar shows "725571857.storage.googleapis.com". The grammar of the text is wrong. The copyright year is 2018. The look of the site seems "oldish". This site is obviously not Facebook. This site simply wants to steal your Facebook account credentials.
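The address-bar check described above can be automated, for example in a mail or chat link scanner. The following is an added example, not part of the original article; the domain lists and the function names `underDomain` and `classifyLoginUrl` are assumptions made for illustration, and the sample URLs are constructed.

```javascript
// Added example: classify the URL of a page that shows a Facebook-style login form.
// Both lists are assumptions for illustration, not official or complete.
const BRAND_DOMAINS = ["facebook.com", "messenger.com"];
// Shared hosting: the left-most label is chosen by a tenant, not by the brand.
const SHARED_HOSTING = ["storage.googleapis.com"];

// True when host equals domain or is a subdomain of it (match on a dot boundary,
// so "evilfacebook.com" and "facebook.com.example.net" do not match).
function underDomain(host, domain) {
  return host === domain || host.endsWith("." + domain);
}

function classifyLoginUrl(rawUrl) {
  let url;
  try {
    url = new URL(rawUrl);
  } catch {
    return { verdict: "invalid", reason: "not a parseable URL" };
  }
  // URL lowercases the hostname and ignores userinfo ("facebook.com@host");
  // strip a trailing root dot so "www.facebook.com." compares equal.
  const host = url.hostname.replace(/\.$/, "");
  if (url.protocol !== "https:") {
    return { verdict: "suspicious", host, reason: "login form not served over https" };
  }
  if (BRAND_DOMAINS.some((d) => underDomain(host, d))) {
    return { verdict: "brand", host, reason: "host belongs to an expected domain" };
  }
  const shared = SHARED_HOSTING.find((d) => underDomain(host, d));
  if (shared) {
    return { verdict: "suspicious", host, reason: `page is served by a tenant of ${shared}` };
  }
  // The brand word appearing in an unrelated host is a common lookalike pattern.
  const word = BRAND_DOMAINS.map((d) => d.split(".")[0]).find((w) => host.includes(w));
  if (word) {
    return { verdict: "suspicious", host, reason: `"${word}" appears in an unrelated host` };
  }
  return { verdict: "suspicious", host, reason: "host is not an expected domain" };
}

// Constructed sample URLs; the first host is the one shown in the address bar above.
for (const u of [
  "https://725571857.storage.googleapis.com/",
  "https://www.facebook.com/login",
  "https://facebook.com@725571857.storage.googleapis.com/login",
]) {
  console.log(u, "->", JSON.stringify(classifyLoginUrl(u)));
}
```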

4 Facebook's Response: Shrug

So I reported this to Facebook, and this was Facebook's response:

Figure 4-1: Facebook's response: All okay

This means that Facebook knows that there are phishing attacks going on, against Facebook users, on Facebook. And it means that Facebook doesn't do anything about it.

5 My Friend

I immediately messaged my friend on WhatsApp. I told them that they were phished and should immediately change their Facebook password. Plus, they confirmed that they had obviously not sent this message on Facebook.