Facebook Phishers Change Tactics, Start Targeting Large Group Admins

-Warning Icon-We’ve written about two Facebook phishing schemes in the past two days and it appears that it’s not stopping. Today, the admin of two groups with over 1 million members, sent us a tip about a company looking to scam group admins. Rather than just sending a typical message with the link to a site (as previous phishing scams have done), the phishing group sends out messages to large group administrators offering to purchase their group. The anonymous administrator received the following message:

We want to Buy your Group in 10,000 US Dollars. 100% Guarantee of Payment!

Dear Admin,

We belong to a one the best Online Marketing Company. We saw your BIG GROUP and interested in buying it. Our offer is 50000 US Dollars. If you want to sell it then please contact us in next 48 hours on this address:

http://facebookgroups.onlinewebshop.net

The message was sent by somebody named Pepe Cáceres Sánchez. While we don’t actually know Pepe, we know what the user was trying to accomplish. By convincing group admins to enter their account information, they have the potential to command influential groups and target Facebook users en masse.

Checking out the domain registrar and the location of the server, it appears that these phishers are running their servers in Cuba. Among spammers, it’s very hard to determine who is actually running a server though as servers are often hacked to run large scale phishing campaigns. Facebook has been extremely aggressive in pursuing spammers but this one appears to be a new one.

A number of people have already fallen for the scam. After entering your email and password (real or fake), you are eventually redirected to this group. Also I should know that Pepe and the scammer may not actually be affiliate, instead Pepe may just be another victim of this new scam. We’ll be sure to update you if we hear of any other phishing schemes taking place.