Widespread Facebook scam hijacks accounts with fake monetary prizes

Summary

A widespread Facebook scam is hijacking accounts by using the pretext of a made-up monetary prize. The weekly review also covers new top-level domains and NCSC-FI’s participation at the Disobey hacker event.

Key Details

• Platform: Facebook
• Method: Fake monetary prize offer
• Result: Account hijacking
• Scope: Widespread
• Timeline: May 2023

Context

Social media account takeover scams continue to exploit users’ desire for financial gain, using prize notifications as effective social engineering lures.

Notes

• Classic social engineering technique (prize lure)
• Platform-specific threat (Facebook)
• Confidence: high