Social media users warned over fake terror attack scam

Social media users are being warned of a hoax scam which spreads fake terror news to trick victims into disclosing their Facebook details.

ESET Ireland said Facebook users in the Czech Republic had been targeted with a fake news report on a “deadly attack in Prague”. Soon after the Facebook scam was made public in the Czech media, the scammers turned their attention to Slovakia and duplicated the scam to find new victims.

“From what we have learned about this campaign, the attack may be designed to continue in other countries,” warned Luká?s ?Stefanko, a malware researcher at ESET.

“The scam starts with a compromised user account sharing or commenting on the status of a terrorist attack,” an article on the ESET Ireland blog said. “The victim’s friends are tagged in this comment as well.

“When a user clicks on this hoax, he or she is redirected to a phishing webpage that requests his or her Facebook credentials to proceed to a site with more information about the incident. If the user enters the credentials, be they genuine or not, they are redirected to another fake Facebook page.

“As with other tragic events, i.e. the crash of Malaysia Airlines Flight 370, the Boston marathon attack, or recent terrorist attacks in Europe — these incidents become an opportunity for criminals to trick victims with social engineering techniques.”

ESET Ireland said the scam spreads quickly because Facebook users often share stories without actually reading them.

“Scam campaigns, if designed to be emotionally appealing, fare surprisingly well because of our unfortunate behavior,” said Mr ?Stefanko.

“In the past weeks, there were 84 domains registered by the same person. Several of them have the Facebook phishing functionality, while others could be used in future for a larger scale attack.

“After learning that ESET, possibly along with other security vendors blocks the domains, they move the phishing websites to other newly established domains. It’s a never-ending cat-and-mouse game.”

“We urge Facebook users to pay attention to what they are about to like or share.”

The security experts also said that anyone who thinks they might have been tricked into sharing their Facebook credentials, should change their passwords.

Furthermore, if users have been using the same password across multiple services, they should change the password wherever applicable.


Mountaintop monasteries, vicious-looking vultures, and a seriously impressive cable car.As Ryanair launches flights to Armenia, here’s why it deserves to be your next holiday destination

Jools Holland and his Rhythm & Blues Orchestra played a storming gig at Cork Opera House, writes Des O'Driscoll Live Music Review: Jools Holland and his Rhythm & Blues Orchestra

Concerns about people’s ability to access their own money have been growing – here’s what the debate is all about.Are we actually going to end up as a cashless society?

Esther N McCarthy mixes it up with spins on kitchen classics, Munster-based design news plus an absolute diamond of a poufMade in Munster: Wish list of the best products in the province

More From The Irish Examiner