Facebook Phishing Targeted iOS and Android Users [source: f-secure]
by CIRT Team
Two weeks ago, a co-worker received a message in Facebook Messenger from his friend. Based on the message, it seemed that the sender was telling the recipient that he was part of a video in order to lure him into clicking it.
The shortened link was initially redirecting to Youtube.com, but was later on changed to redirect to yet another shortened link – po.st:
The po.st shortened link supported two types of redirection links – original link and smart links. If the device that accessed the URL was running in iOS or Android, it was redirected to the utm.io shortened link, otherwise it was redirected to smarturl.it.
So for the iOS and Android users, they were served with phishing page.
For the rest of the devices, the users ended up with the smarturl.it link that went through several redirections which eventually led to contenidoviral.net. That page contained an ad-affiliate URL which redirected to mobusi.com, a mobile advertising company.
For more, click here.