13 matches found
A week in security (May 4 – May 10)
Last week on Malwarebytes Labs: Microsoft says Edge’s plaintext password behavior is "by design" ShinyHunters escalates Canvas attacks with school login defacements Massive AI investment scam network spans 15,500 domains If a fake moustache can fool age checks, is the Online Safety Act working?...
Google AppSheet Exploited in 30,000-User Facebook Phishing Operation
Scammers are abusing Google AppSheet and Google Drive to bypass security filters and steal thousands of Facebook Business accounts globally...
The Unfriending Truth: How to Spot a Facebook Phishing Scam Before It's Too Late
The Unfriending Truth: How to Spot a Facebook Phishing Scam Before It's Too Late By Mark Joseph Marti · January 12, 2026 Introduction As one of the world's largest social media platforms, with over 3 billion active users, Facebook is a frequent target for phishing scams. Hackers aim to hijack use...
Facebook users targeted in ‘login’ phish
A few weeks ago we warned our readers of a phishing campaign targeting Instagram users that didn’t resort to the usual links to phishing websites, but used mailto: links instead. Now, it seems that these scammers have turned their attention to Facebook users. It works like this: The target receiv...
Phishers Exploit Salesforce's Email Services Zero-Day in Targeted Facebook Campaign
A sophisticated Facebook phishing campaign has been observed exploiting a zero-day flaw in Salesforce's email services, allowing threat actors to craft targeted phishing messages using the company's domain and infrastructure. "Those phishing campaigns cleverly evade conventional detection methods...
A week in security (May 16 – 22)
Last week on Malwarebytes Labs: Fake reCAPTCHA forms dupe users via compromised WordPress sites How COVID-19 fuelled a surge in malware Why MRG-Effitas matters to SMBs “Look what I found here” phish targets Facebook users AirTag stalking: What is it, and how can I avoid it? Long lost @ symbol get...
A week in security (February 11 – 17)
Last week on Malwarebytes Labs we discussed the return of the Sextortion Bitcoin scams, we gave you an early overview of the exploit kits in the winter of 2019, we talked about the destruction of VFEmail service, for consumers we discussed whether you should remove yourself from social media, for...
Facebook phishers want you to “Connect with Facebook”
As we edge toward Christmas, scammers are throwing their own party—in the form of Facebook phishing pages linked to and from bogus landing pages hosted on sitesdotgoogledotcom URLs. These landing pages, adorned with very large and very fake "Login with Facebook" buttons, may be extra convincing t...
Scam Alert: Your Trusted Friends Can Hack Your Facebook Account
If you receive a message from any of your Facebook Friends asking for urgent help to recover their Facebook account, since they've added you as one of their 'Trusted Contacts'—just don’t blindly believe it. Researchers have detected a new Facebook phishing scam that can even trick an experienced...
On Porting EternalBlue to Windows, Facebook Phishing, and More
Mike Mimoso and Chris Brook discuss the news of the week, including how EternalBlue was ported to Windows 10, a Facebook phishing study, QakBot, and this week’s Apple announcements. Download: ThreatpostNewsWrapJune92017.mp3...
Discovered the biggest Facebook phishing in French
Discovered the biggest Facebook phishing in French Two Days before we publish that Geeks at Security Web-Center Found 25 Facebook phishing sites. Security Web-Center found another biggest Facebook phishing site in French which steal more then 5000 usernames and passwords, using the fake domain...
Exposing 25 Facebook phishing websites
Exposing 25 Facebook phishing websites Geeks at Security Web-Center Found 25 Facebook and list them. Sometimes spammers create fake pages that look like the Facebook login page. When you enter your email and password on one of these pages, the spammer records your information and keeps it. This i...
Exposing 25 Facebook phishing websites
Exposing 25 Facebook phishing websites Geeks at Security Web-Center Found 25 Facebook and list them. Sometimes spammers create fake pages that look like the Facebook login page. When you enter your email and password on one of these pages, the spammer records your information and keeps it. This i...