Cyber security researchers have exposed a Facebook scam after finding more than 13 million records from the operation on an unsecured server; they say hundreds of thousands of Facebook users fell victim to it.
The news comes from researchers at vpnMentor who say they discovered a database containing 5.5GB of personal information, including names, phone numbers, usernames and even password information stored on an unsecured server.
The researchers accessed the server and found personal information on more than 200,000 Facebook users who they believe had been duped by a Bitcoin or cryptocurrency scam promoted on Facebook. They have published their findings in a blog post describing the scam operation behind the exposed database of more than 13 million records.
According to a report from InfoSecurity Magazine “the two datasets are part of the same operation: the first group were tricked into handing over their account log-ins by a fake app promising to reveal who had recently visited their profile. With these log-ins, the scammers hijacked the victims’ accounts and posted comments on their Facebook posts, with links directing individuals to a Bitcoin fraud scheme.”
The researchers at vpnMentor say that in total, there were more than 13.5 million records stored on the database. They were able to discover the treasure trove of information after “the fraudsters left the database used to harvest and store their victims’ details completely open for anyone to view and access.”
“With this information, we were able to expose their operation,” writes vpnMentor.
Just a day after the firm discovered the database behind the scam, the database was deleted. “New data immediately started to appear again before those in charge finally secured the server,” reports state.
Some analysts are concerned that the database is just one part of a much larger scheme to harvest Facebook log-in details for later use against victims' email and even financial accounts.
This concern rests on the well-established fact that people reuse passwords across their personal, professional and financial accounts.
“With access to users’ Facebook accounts, the cyber-criminals behind this campaign have a highly monetizable resource for posting malicious links to scams, launching follow-on phishing or identity fraud attempts, blackmail and credential stuffing of other accounts,” writes Phil Muncaster.
vpnMentor has said in a statement that “if you’re a Facebook user and think you’ve been the victim of this fraud, change your login credentials immediately. Furthermore, if you reused your Facebook password on any other accounts, change it immediately to protect them from hacking.”
“We recommend using a password generator to create unique, strong passwords for every private account you have, and changing them periodically. Never provide usernames and passwords for Facebook, email or financial accounts to external websites,” they said.
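The advice above (find every account that shares a compromised password, rotate them, and replace them with unique, randomly generated passwords) can be carried out mechanically over a password vault export. The following is an added example written for this article, not code from vpnMentor or any tool named on the page. It uses Python's `secrets` module as the generator, and the vault contents (`SAMPLE_VAULT`) are constructed for illustration.

```python
from __future__ import annotations

import math
import secrets
import string
from collections import defaultdict

# Character set for generated passwords: 94 printable ASCII symbols.
ALPHABET = string.ascii_letters + string.digits + string.punctuation


def generate_password(length: int = 20, alphabet: str = ALPHABET) -> str:
    """Draw each character uniformly from `alphabet` with a CSPRNG.

    `secrets.choice` uses the OS entropy source, unlike `random`, which
    is seeded predictably and must never be used for credentials.
    """
    if length < 12:
        raise ValueError("use at least 12 characters")
    return "".join(secrets.choice(alphabet) for _ in range(length))


def entropy_bits(length: int, alphabet: str = ALPHABET) -> float:
    """Guessing entropy of a uniformly random password: length * log2(|alphabet|)."""
    return length * math.log2(len(alphabet))


def find_reused_passwords(vault: dict[str, str]) -> dict[str, list[str]]:
    """Map every password used by more than one account to those accounts.

    Plaintext comparison is fine here because this runs over the user's own
    vault export; a service-side check would compare salted hashes instead.
    """
    by_password: dict[str, list[str]] = defaultdict(list)
    for account, password in vault.items():
        by_password[password].append(account)
    return {pw: accts for pw, accts in by_password.items() if len(accts) > 1}


def accounts_exposed_by(vault: dict[str, str], compromised: str) -> list[str]:
    """List every other account that shares the compromised account's password.

    This is the blast radius of a credential-stuffing attempt using the
    leaked Facebook log-in.
    """
    leaked = vault[compromised]
    return sorted(a for a, p in vault.items() if p == leaked and a != compromised)


def rotate_shared_passwords(vault: dict[str, str], compromised: str) -> dict[str, str]:
    """Return a new vault in which the compromised account and every account
    that shared its password receive fresh, mutually distinct passwords.
    Accounts that already had a unique password are left unchanged."""
    to_rotate = {compromised, *accounts_exposed_by(vault, compromised)}
    new_vault = dict(vault)
    issued: set[str] = set(vault.values())  # never reissue anything already in use
    for account in sorted(to_rotate):
        candidate = generate_password()
        while candidate in issued:  # astronomically unlikely, but cheap to guard
            candidate = generate_password()
        issued.add(candidate)
        new_vault[account] = candidate
    return new_vault


# Constructed sample vault: three accounts share the password that the fake
# "who viewed your profile" app would have captured from the Facebook log-in.
SAMPLE_VAULT = {
    "facebook": "Summer2020!",
    "email": "Summer2020!",
    "bank": "Summer2020!",
    "shopping": "q7#Lm2!vP0zR4wXe",
}

if __name__ == "__main__":
    print("reused:", find_reused_passwords(SAMPLE_VAULT))
    print("exposed by facebook leak:", accounts_exposed_by(SAMPLE_VAULT, "facebook"))
    rotated = rotate_shared_passwords(SAMPLE_VAULT, "facebook")
    print("reuse after rotation:", find_reused_passwords(rotated))
    print(f"entropy of a 20-char password: {entropy_bits(20):.1f} bits")
```

Running it shows the reuse report before rotation, an empty report afterwards, and roughly 131 bits of entropy for a 20-character password over the 94-symbol alphabet, well beyond what an online or offline guessing attack can cover.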
The news matters because the online threat environment keeps evolving, and attackers continually look for new ways to take advantage of users who are unaware of safe browsing practices.