Friday, December 8, 2023

Beware: Innovative Phishing Threat Targeting Facebook Mobile Users

In the past, we came through a number of Phishing campaigns where the attackers using Valid TLD itself for phishing and the Punycode attack demonstrated by Xudong Zheng.

Now hackers find a new way innovative method to create believable URL’s and targeting mobile users, specifically Facebook users.Security experts from Phishlabs came through this new campaign targeting mobile users.

Security expert Crane Hassold says “Instead of attempting to make genuine looking
URLs, threat actors have begun including genuine, legitimate domains within a
longer URL, and padding it with hyphens to hide the real target“.

For Example


You can see the URL starts with but the real destination URL here is, not

Innovative Phishing Threat Targeting Facebook Mobile Users

You can see the screenshot, where you can see only the and an endless stream which hides the original target address.This smart addition of the Facebook favicon in the address bar looks like the site is exceptionally genuine.

Lack of attention

Inattentive mobile users easily fall into the trap and give away their valuable credentials to the attackers. Generally, these phishing URL’s are transferred through SMS, Chats, and Emails.

Here you can see some more examples.


Crane Hassold says “it’s highly likely that this tactic is being distributed via SMS phishing or through the social messenger, rather than email”.

One can easily identify the Phishing URL that sent through email by just hovering our the link, but that is not possible if the URL provided through SMS.

Security researchers said they have spotted more than 50 attacks of this type and has a rapid growth from last March.

Hackers not using this method for credential harvesting alone, they use to send more phishing URL’s via status updates or private messages.

Common Defence’s against phishing

  • We know logically the organizations like Facebook will not send the login URL through SMS. You should think that before opening.
  • Always make sure that you entering Login credentials and Card details on a HTTPS page.
  • Don’t open the attachments that you are not expecting.
  • Hover the URL to find the URL’s Integrity.
  • It is always better to type the URL directly in the address bar.

Latest articles

Exploitation Methods Used by PlugX Malware Revealed by Splunk Research

PlugX malware is sophisticated in evasion, as it uses the following techniques to avoid...

TA422 Hackers Attack Organizations Using Outlook & WinRAR Vulnerabilities

Hackers exploit Outlook and WinRAR vulnerabilities because these widely used software programs are lucrative...

Bluetooth keystroke-injection Flaw: A Threat to Apple, Linux & Android Devices

An unauthenticated Bluetooth keystroke-injection vulnerability that affects Android, macOS, and iOS devices has been...

Atlassian Patches RCE Flaw that Affected Multiple Products

Atlassian has been discovered with four new vulnerabilities associated with Remote Code Execution in...

Reflectiz Introduces AI-powered Insights on Top of Its Smart Alerting System

Reflectiz, a cybersecurity company specializing in continuous web threat management, proudly introduces a new...

SLAM Attack Gets Root Password Hash in 30 Seconds

Spectre is a class of speculative execution vulnerabilities in microprocessors that can allow threat...

Akira Ransomware Exploiting Zero-day Flaws For Organization Network Access

The Akira ransomware group, which first appeared in March 2023, has been identified as...

Endpoint Strategies for 2024 and beyond

Converge and Defend

What's the pulse of Unified Endpoint Management and Security (UEMS) in Europe? Join us live to uncover the strategies that are defining endpoint security in the region.

Related Articles