Security researchers from Trend Micro are alerting of a new spam messages that are spoofing official Facebook Chat Team notification. The spam message is a fake Facebook Chat verification that asks user to verify and approve their accounts otherwise the account is going to be terminated.
This type of spam message may trick user and by the end allows cybercriminal to hijack Facebook accounts. The attack scenario looks as follows:
- Next the victim instructed to open a shortened link that leads to Web console
Screenshot by TrendMicro for the spam message
“This is a variant on the self-XSS attack. By pasting the code in the browser console, the user gives the code access to their account. The code usually posts the same scam on other people’s walls, and subscribes the user to pages controlled by the attacker – but it could do much worse things.” According to The official Facebook warning notes
If you receive a similar message make sure to Ignore the message and report it as a spam.