“Are you in that video?” No, hacker attack. We know how to defend ourselves

Similar attacks periodically return like birds behind the heat, and many of us have already somehow armored themselves in front of them, but this one is, unfortunately, very effective. This is about cyber fraud, which has been bothering a large number of Facebook users and its Messenger in the Czech Republic in recent days and weeks. If you received a message like “Are you in that video?” with an attached link to the apparent video, or an acquaintance informed you that you are already unknowingly sending it, this text is primarily for you. But also for anyone else who wants to avoid the mess associated with this attack as a precaution.

Who is behind the attacks, what does he want to achieve and how does he do it?

The first wave of this particular phishing (unfair activity in order to obtain sensitive data, eg login) is several weeks old and the link, which attracts the video, but leads to a fake Facebook login page, has been linked to Hungarian servers. Now, however, it is possible that the attackers (even in several independent groups) operate from anywhere. The purpose of the attack is to obtain the login details of the Facebook user, for which trust is used and mentioned fake login page.

When a user clicks on a link and makes a false login on a fake page, it’s bad. At that moment, the data is obtained directly by attackers, who can use it in several ways. Messaging “Are you in that video?” or other phishing attempts is still the least insidious variant. You can easily lose your entire account and if your Facebook account is actively linked to other websites or applications it can be even worse.

What should I do if I’m involved?

If you received a message of this type (it doesn’t have to be just this particular form) and you correctly guessed that something was wrong, inform the consignor concernedthat his account is most likely compromised. Ideally not via Messenger. If you have been a direct victim of this fraud and have entered the required information on the mentioned fake page, first of all instantly change your Facebook account password. You probably have the old one, because the attackers have no reason to change it right away. If you succeed, you’re in luck.

Subsequently, we strongly recommend turning it on Facebook (but also in any application or service that offers it) two-phase login alias 2FA. Adding another step to your login will minimize the likelihood of unauthorized access to your account. 2FA complicates your login only minimally, but the attempts of attackers eliminate it very strongly.

How to try to effectively avoid these attacks?

Technically, the first preventive step should be to turn on this two-phase login. Furthermore, it is of course appropriate to look at similar-sounding messages a little more suspiciously, even though in this particular case it is the form of the sent out is truly “successful” and believable. If it turns out to be a scam, be sure not to hesitate to send it inform about what is happening. If you also record these cases in your surroundings indirectly (for example, through mentions on the walls of friends), it is also useful to spread enlightenment. For example, by sharing this article.

The message “Are you in that video?” or another phishing attempt?