Kathmandu. It has been found that a massive fishing campaign has been conducted using the profile picture and name of Nepal Telecom. According to the cybersecurity company Threatnix, the login credentials of 615,000 Facebook users have been stolen in such Facebook phishing scams operating in different countries including Nepal.
According to ThreatNix, 615,000 Facebook users from different countries, including Nepal, have been affected by phishing using GitHub pages and targeted Facebook ads.
According to ThreatNix, Facebook login credentials of users from Nepal, Egypt, the Philippines, Tunisia, Pakistan, and other countries have been stolen from the widespread phishing campaign.
Under the campaign, hackers have been found to be phishing people by copying local Facebook posts and pages from different countries and luring them to advertise and offers similar to those countries.
In Nepal, a sponsored Facebook page lured people to a phishing site hosted on GitHub by showing greed for three GB of mobile data from Nepal Telecom.
The hosted phishing site had a login panel for users. After logging in, users’ login credentials were hacked.
The page contained the name and profile picture of Nepal Telecom, which was very difficult for ordinary users to separate from the official Facebook page.
From the same page in GitHub, all the phishing credentials have reached the site with two endpoints, a Firestore database and another phishing group domain, Threatnix has mentioned in its blog site.
However, Facebook has already stopped approving ads for such phishing pages. But scammers use Beatle Link, which at first glance looks like an honest page. But after approval, all of them have changed to phishing domains.
According to ThreatNix, there are now 500 GitHub repositories with phishing pages as part of the same phishing campaign. Some of these pages are closed and some are not available.
It is mentioned in the blog that the number is increasing at the rate of 100 per minute as 615,000 stolen credentials were seen till the publication of the blog. Therefore, it is estimated that this number has increased even more.