Phishing is one of the most common cybercrime variants, and criminals are always looking for new ways to catch their victims. According to digital forensics specialists, a new Facebook campaign has been detected that uses fake ads for the streaming platform Disney Plus, which is now available in some countries.
The malicious campaign was detected by ESET researchers, who have been involved in tracking many other social media phishing campaigns. When analyzing the ads, experts discovered that the page that serves these fake ads was created just a couple of days ago.
Detection of fraudulent ads
To continue the investigation, digital forensics specialists pretended to be a user falling into the trap by clicking on the ads. After interacting with the phishing ad, users are redirected to a website controlled by the attackers.
One thing that stands out on the website to which users are redirected is that it has an SSL certificate, so it might seem secure. However, specialists point out that this only means that the information users send to the server is protected in transit; the server itself is still controlled by threat actors. A tip for verifying the legitimacy of an SSL certificate is to double-click the lock icon, which will display the owner’s name.
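The owner check described above can also be done programmatically. The following is an added example, not part of the original report: it reads the subject of a certificate in the layout returned by Python's ssl.getpeercert() and reports whether it names an owning organization at all. The sample certificates, host names and the organization name "Example Streaming Inc." are constructed for illustration.

```python
import socket
import ssl

def fetch_cert(host, port=443, timeout=5.0):
    """Fetch the chain-validated leaf certificate as a getpeercert() dict."""
    ctx = ssl.create_default_context()
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return tls.getpeercert()

def subject_field(cert, key):
    """Return the first value of `key` in the certificate subject, or None."""
    for rdn in cert.get("subject", ()):
        for name, value in rdn:
            if name == key:
                return value
    return None

def assess_owner(cert, accepted_owners):
    """Say what the certificate proves about who operates the site."""
    org = subject_field(cert, "organizationName")
    if org is None:
        # Domain-validated: the CA only checked control of the domain name,
        # so the padlock proves encryption and nothing about the operator.
        return "no-owner"
    accepted = {o.strip().lower() for o in accepted_owners}
    return "owner-match" if org.strip().lower() in accepted else "owner-mismatch"

# Constructed sample certificates in getpeercert() layout (not real sites).
DV_LOOKALIKE = {"subject": ((("commonName", "free-trial.streaming-offer.example"),),)}
OV_BRAND = {"subject": ((("countryName", "US"),),
                        (("organizationName", "Example Streaming Inc."),),
                        (("commonName", "www.streaming.example"),))}
BRAND_OWNERS = ["Example Streaming Inc."]  # assumed legal name of the brand

if __name__ == "__main__":
    # For a live check, replace a sample with fetch_cert("host.name.here").
    for label, cert in (("lookalike", DV_LOOKALIKE), ("brand", OV_BRAND)):
        print(label, subject_field(cert, "commonName"),
              assess_owner(cert, BRAND_OWNERS))
```

Many legitimate sites also use domain-validated certificates, so "no-owner" means the operator is unverified, not that the site is malicious.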
The malicious form
By accessing this site, users will find a form to start a free trial period on Disney Plus, with which threat actors seek to collect details such as full names, usernames, passwords and payment card numbers, among other details.
Digital forensics experts mention that, after the form is completed and the data submitted, an error message appears.
For some users this could be an alarm signal. Unfortunately, at this point their confidential information has already been completely compromised. In this case, victims are advised to notify their banking institution immediately in order to avoid fraud. Resetting your login credentials for any online platform is also recommended.
In addition to the recommendations above, users should remember that no streaming service or the like is free, so any offer that seems too good to be true will surely end up being a scam.