A new phishing attack bent on stealing Facebook credentials has been spotted – and it’s turning researchers’ heads due to how well it hides its malicious intent.
Researchers with password management company Myki on Thursday said that attack reproduces a social login prompt in a “very realistic format” inside an HTML block. That block is embedded on a malicious website that victims must first be convinced to visit.
“We would like to raise awareness on the issue as quickly as possible, due to how realistic and deceptively convincing the campaign is,” Antoine Vincent Jebara, co-founder and CEO of Myki, said in an analysis of the scam.
