New Phishing Attack Mimics Facebook Login Page to Steal Credentials

A rapidly evolving campaign is using a Browser-in-the-Browser (BitB) overlay to impersonate Facebook’s login and siphon user credentials. The lure hinges on a deceptive CAPTCHA challenge that seamlessly morphs into a counterfeit Facebook session window, duping victims across desktops and mobile browsers alike.

The malware surfaced on 24 July 2025 when multiple redirection chains began populating social-media ads and compromised WordPress sites with a fake “Are you human?” prompt that routes through domains such as recaptcha-metahorizon[․]com and facefbook[․]com. Unlike earlier BitB efforts, this variant leverages cloud-hosted edge functions to rotate infrastructure hourly, frustrating block-lists and extending the dwell time of malicious hosts. Enterprises report secondary account takeovers and business-page hijacking that fuels payroll-diversion scams and ad-credit theft, amplifying the blast radius well beyond personal profiles.

The malware’s evasion strategy centers on dynamic JavaScript that weaponizes the window.opener property, obliterating traditional origin checks before endpoint security tools can inspect the Document Object Model. When embedded inside the spoofed iframe, the script also crawls for anti-bot artifacts—such as webdriver flags or sandboxed extensions—and aborts execution on detection, ensuring analysts receive a benign CAPTCHA loop. Once the user interacts, a perfectly skinned BitB window launches, complete with legitimate Facebook SSL indicators and an address bar snapshot captured via CSS to foster trust. Gen Threat Labs analysts noted that the HTML automatically harvests username and password values through an injected onsubmit event, posting the credentials to an attacker-controlled API before refreshing the real facebook․com page to mask the breach. By limiting telemetry exports to POST requests and auto-tearing down fake domains within 60 minutes, the operators minimize network indicators and slip through signature-based web-gateways.
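Because the hosts rotate hourly and outlive no block-list, a proxy-log check that keys on brand imitation rather than on known-bad domains is one way to catch requests like the ones described above. The following is an added example, not code from the article or from Gen Threat Labs; the watch-list, allow-list, log format and log lines are assumptions constructed for illustration, with hosts defanged as the article prints them.

```python
import re

# Assumptions for this sketch: the watch-list, the allow-list and the log format.
WATCH = ("facebook", "recaptcha")        # brand keywords to protect
ALLOW = {"facebook.com", "google.com"}   # registrable domains that own them

# Constructed proxy log lines; hosts are defanged for safe display.
SAMPLE_LOG = """\
2025-07-24T10:02:11Z 10.0.0.5 GET www.facebook[.]com /login
2025-07-24T10:02:40Z 10.0.0.7 GET recaptcha-metahorizon[.]com /verify
2025-07-24T10:02:44Z 10.0.0.7 POST facefbook[.]com /api
2025-07-24T10:03:02Z 10.0.0.9 GET intranet.example[.]org /home
"""

def osa_distance(a, b):
    """Optimal string alignment distance: edits plus adjacent transpositions."""
    d = [[max(i, j) if 0 in (i, j) else 0 for j in range(len(b) + 1)]
         for i in range(len(a) + 1)]
    for i in range(1, len(a) + 1):
        for j in range(1, len(b) + 1):
            cost = a[i - 1] != b[j - 1]
            d[i][j] = min(d[i - 1][j] + 1, d[i][j - 1] + 1, d[i - 1][j - 1] + cost)
            if i > 1 and j > 1 and a[i - 1] == b[j - 2] and a[i - 2] == b[j - 1]:
                d[i][j] = min(d[i][j], d[i - 2][j - 2] + 1)
    return d[len(a)][len(b)]

def classify(host):
    """Return a reason string if host imitates a watched brand, else None."""
    host = host.replace("[.]", ".").lower().rstrip(".")   # refang before comparing
    labels = host.split(".")
    # Simplification: last two labels stand in for a public-suffix lookup.
    if len(labels) < 2 or ".".join(labels[-2:]) in ALLOW:
        return None
    for token in re.split(r"[-_]", labels[-2]) + labels[:-2]:
        for brand in WATCH:
            if brand in token:
                return f"brand keyword '{brand}' on unowned domain"
            if osa_distance(token, brand) <= 1:
                return f"near-miss spelling of '{brand}'"
    return None

def scan(log_text):
    """Return (timestamp, client, method, host, reason) for each suspicious request."""
    rows = (line.split() for line in log_text.splitlines() if line.strip())
    return [(ts, ip, method, host, classify(host))
            for ts, ip, method, host, _path in rows if classify(host)]

if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(*hit)
```

A POST to a flagged host from a client that loaded the CAPTCHA host seconds earlier, as in the constructed log, is the sequence worth alerting on.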

This Cyber News was published on cybersecuritynews.com. Publication date: Fri, 25 Jul 2025 10:05:13 +0000

