Finland's National Cyber Security Centre (NCSC-FI) warns of an ongoing phishing campaign attempting to hijack Facebook accounts by impersonating victims' friends in Facebook Messenger chats.
In the alert, the NCSC-FI says that all Facebook users who received messages from online acquaintances asking for their phone numbers and a verification number delivered via SMS are the targets of this ongoing scam.
If they provide the information they're asked for, the attackers will take control of their accounts by changing the password and associated email address. Once hijacked, the Facebook accounts will target other potential victims from their friend list in similar scams.
"In the attempts, a hacked account is used to send messages with the aim of obtaining the recipients' telephone numbers and two-factor authentication codes to hijack their Facebook accounts," the cybersecurity agency
explained.
To successfully hijack their targets' Facebook accounts, the scammers will go through the following steps:
- They first send a message from the previously compromised friend's account via Facebook Messenger.
- They ask for the target's phone number, saying they want to help with registering for an online contest promising prizes of thousands of euros.
- The next stage involves asking for a code sent via SMS allegedly sent by the contest's organizers to confirm the entry.
- If the SMS confirmation code is shared with the scammers, they will use it together with the phone number to access and hijack the victim's Facebook account.
- Next, they will change the account password and email address and start forwarding similar scams to the victims' friends.
