Meta’s Messenger is the third largest digital messaging app in the world, with 988M users worldwide, behind WhatsApp and WeChat, but that does not make it impregnable. And now there has been a new cyberattack on this service, carried out through its chatbot.
This instant messaging service is widely used not only by individuals but also by small digital businesses and companies, which use it to respond to their customers every day and to run their customer service and follow-up.
“The chatbot has become a fundamental tool for these e-commerce businesses, becoming one of the main sources of communication and management of incidents with consumers. Therefore, the damage reported due to cyberattacks has caused and will continue to cause quite serious economic damage,” says Hervé Lambert, Global Consumer Operations Manager at Panda Security.
Chatbot scam process steps
As Lambert points out, “the goal is clear: steal Facebook login credentials. In this case it is a more sophisticated and careful scam, at least aesthetically. Hackers have developed a multi-step technique by polishing aesthetic and orthographic details to make them more difficult for the victim to recognize.”
- It starts with a phishing email whose subject line and body tell the recipient that they need to contact the Facebook team to prevent their page or profile from being deleted, because the “social network” claims to have found user content that violates the rules of the community.
- The email provides an “appeal” link that redirects to a Messenger conversation with a chatbot, which in turn offers another link, posing as a technical support service. The deception leads the victim to a form to fill in, supposedly to avoid losing the account within a maximum of 48 hours. Once the link is clicked, it redirects to a page that mimics the Facebook support page.
- Next, the fake support page presents the victim with a form that must be completed with personal data such as their telephone number and the profile or Facebook page they want to keep, after which they press “Send”; the final step asks them for their Facebook password. The culmination comes when the victim is redirected to another page that imitates a two-factor authentication page, showing a countdown for verification.
- Once the numerical authentication code has been entered, which will have been sent via SMS (since the telephone number and email were collected in the previous steps), the page redirects to a genuine Facebook Help Center page containing information on intellectual property and copyright.
How to detect phishing attacks
Among the main recommendations for preventing or responding to a phishing attack, it is always advisable to read the body of the message carefully, looking for grammatical inconsistencies or spelling errors that no accredited professional would make.
However, this measure is insufficient, and a further set of guidelines must be taken into account. Among them:
- Parse the email header and verify the sender’s domain
- Check the URL of the site or web page being visited and confirm that the domain corresponds to the original one, in this case Facebook, to avoid signing in to fraudulent sites with our accounts
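To make the two checks above concrete, here is an added example (not from the article or from Panda Security) that parses the sender headers and link hosts of a constructed message shaped like the scam described; the set of trusted Facebook/Meta domains is an assumption for the example.

```python
from __future__ import annotations
import email
from email.utils import parseaddr
from urllib.parse import urlparse

# Assumed set of domains a genuine Facebook/Meta notice would use (an
# assumption for this example, not taken from the article).
LEGIT_DOMAINS = {"facebook.com", "facebookmail.com", "messenger.com", "meta.com"}

def domain_of_address(header_value: str | None) -> str | None:
    """Lower-cased domain of an address header such as From or Return-Path."""
    _, addr = parseaddr(header_value or "")
    return addr.rsplit("@", 1)[1].lower() if "@" in addr else None

def is_legit_domain(domain: str | None) -> bool:
    """True only for a trusted domain or a subdomain of one; a look-alike such
    as 'facebook.com.appeal-center.example' ends in '.example' and fails."""
    if not domain:
        return False
    return any(domain == d or domain.endswith("." + d) for d in LEGIT_DOMAINS)

def url_is_legit(url: str) -> bool:
    """Judge a link by its host only: path text is attacker-chosen, and
    hostname also discards a misleading 'facebook.com@' userinfo prefix."""
    return is_legit_domain(urlparse(url).hostname)

def check_message(raw: str) -> list[str]:
    """Run the header and URL checks; an empty list means no red flag found."""
    msg = email.message_from_string(raw)
    findings = []
    from_dom = domain_of_address(msg.get("From"))
    path_dom = domain_of_address(msg.get("Return-Path"))
    if not is_legit_domain(from_dom):
        findings.append(f"From domain not trusted: {from_dom}")
    if path_dom and path_dom != from_dom:
        findings.append(f"Return-Path domain {path_dom} differs from From domain")
    for token in msg.get_payload().split():
        if token.startswith(("http://", "https://")) and not url_is_legit(token):
            findings.append(f"link host not trusted: {urlparse(token).hostname}")
    return findings

# Constructed sample modelled on the scam described above (not a real message).
SAMPLE = """From: Facebook Support <appeals@facebook-page-support.com>
Return-Path: <bounce@mail-blast.example>
Subject: Your page will be deleted in 48 hours

Your page violates community rules. Appeal here:
https://facebook.com.appeal-center.example/form
"""
```

Calling `check_message(SAMPLE)` returns three findings: the untrusted From domain, the Return-Path mismatch, and the look-alike link host that merely starts with "facebook.com".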
George is Digismak’s reporter cum editor with 13 years of experience in journalism