Cyber criminals are exploiting Facebook’s offering of $100 million in cash grants to businesses affected by the coronavirus pandemic.
Potential victims see an article seemingly from CNBC, a world leader in business news with a monthly audience in the hundreds of millions, saying Facebook is giving grants to users hit by COVID-19 and including a link to apply for a grant. The grammar should give away the game, and the URL, which does not start with cnbc.com, is another suspicious element.
Those who turn a blind eye to the clumsy English and wrong URL are taken to another portal that bears more than a striking resemblance to the official site of Mercy Corps, a charity that helps victims of natural disasters and armed conflicts. However, the only topic on this one is Facebook grants, and the victim is asked to specify how many years they have been a user of the social network. Victims are asked for their Facebook username and password credentials which go straight to the cybercriminals. Then, to accept the application, the site requires a lot more information, supposedly to verify your account: your address, social security number (for US citizens), and even a scan of both sides of your ID. No fields can be left blank, and the site diligently prompts you about any omissions.
Reference: https://www.kaspersky.com/blog/facebook-grants/37181/?web_view=true
Leave a Reply
You must be logged in to post a comment.