Facebook is often vulnerable to technology breaches. There have been several of such breaches putting users worldwide at risk of data and financial loss. Now, a number of security researchers have exposed a new and major Facebook scam that affects hundreds of thousands of users.
The scammers left a trace of action on a server said to be unsecured. Almost 200,000 Facebook usernames and passwords, including emails, names, and phone numbers of many users; thousands of them, who had fallen prey to a Bitcoin scam.
The scam worked in two ways but captures essentially the same type of social media users. One group was enticed to reveal their log-in details when they punch it in a fake app, which promises users that it will reveal to them who recently tried to log into their accounts or visited their profile. Once a user does, his or her login details would be used by the scammer to post comments on their Facebook timeline. The post would direct the person’s friends to a Bitcoin fraud scheme page.
About 14 million accounts have been exposed in this way, and probably more will be exposed through the Elasticsearch server. All 14 million database records have been exposed and they include domains, text outlines related to the Facebook comments that fraudsters posted.
The researchers were able to grasp about three months of exposed data but they hint that there could have been more damage before the period of June-September 2020. It is possible that the scheme may have been bigger in the past before it was exposed. This understandable because as soon as the exposed data was wiped off, new data immediately showed up before the server was secured.
One thing noticeable regarding the cyber-criminals is that they can quickly monetize the resource, and follow effectively all attempts to blackmail, deceive, and dupe Facebook users. vpnMentor encourages users to quickly change their password if they think their accounts have been compromised.